14 matches found
CVE-2025-13278
A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...
EUVD-2025-197793
A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...
CVE-2025-13278
A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...
CVE-2025-13278
A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...
CVE-2025-13278 projectworlds Advanced Library Management System borrowed_book_search.php sql injection
A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...
PT-2025-47143
Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A SQL injection issue exists in projectworlds Advanced Library Management System version 1.0. The issue is located in the /borrowed book search.php file, within an unknow...
EUVD-2005-3683
Malware in sbrugna...
CVE-2025-27444
A reflected XSS vulnerability in RSform!Pro component 3.0.0 - 3.3.13 for Joomla was discovered. The issue arises from the improper handling of the filterdateFrom GET parameter, which is reflected unescaped in the administrative backend interface. This allows an authenticated attacker with admin o...
RSJoomla RSform!Pro 安全漏洞
RSJoomla RSform!Pro is a form component from RSJoomla Inc. A security vulnerability exists in RSJoomla RSform!Pro versions 3.0.0 through 3.3.13, which stems from improper handling of the filterdateFrom parameter and could lead to a reflective cross-site scripting attack...
Advantech WebAccess/NMS getSyslogUiList SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the processi...
CVE-2014-8381
Multiple cross-site scripting XSS vulnerabilities in Megapolis.Portal Manager allow remote attackers to inject arbitrary web script or HTML via the 1 dateFrom or 2 dateTo parameter...
CVE-2014-8381
Multiple cross-site scripting XSS vulnerabilities in Megapolis.Portal Manager allow remote attackers to inject arbitrary web script or HTML via the 1 dateFrom or 2 dateTo parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Megapolis.Portal Manager allow remote attackers to inject arbitrary web script or HTML via the 1 dateFrom or 2 dateTo parameter...
CVE-2014-8381
CVE-2014-8381 affects Megapolis.Portal Manager with multiple XSS vulnerabilities allowing remote attackers to inject arbitrary script via dateFrom or dateTo parameters. Core detail across sources shows web-app input handling flaw enabling script/HTML injection, resulting in partial integrity impa...