CVE-2025-13278

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...

EUVD-2025-197793

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...

CVE-2025-13278

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...

CVE-2025-13278

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...

CVE-2025-13278 projectworlds Advanced Library Management System borrowed_book_search.php sql injection

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...

PT-2025-47143

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A SQL injection issue exists in projectworlds Advanced Library Management System version 1.0. The issue is located in the /borrowed book search.php file, within an unknow...

Advantech WebAccess/NMS getSyslogUiList SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the processi...

CVE-2014-8381

Multiple cross-site scripting XSS vulnerabilities in Megapolis.Portal Manager allow remote attackers to inject arbitrary web script or HTML via the 1 dateFrom or 2 dateTo parameter...

CVE-2014-8381

Multiple cross-site scripting XSS vulnerabilities in Megapolis.Portal Manager allow remote attackers to inject arbitrary web script or HTML via the 1 dateFrom or 2 dateTo parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Megapolis.Portal Manager allow remote attackers to inject arbitrary web script or HTML via the 1 dateFrom or 2 dateTo parameter...

CVE-2014-8381

CVE-2014-8381 affects Megapolis.Portal Manager with multiple XSS vulnerabilities allowing remote attackers to inject arbitrary script via dateFrom or dateTo parameters. Core detail across sources shows web-app input handling flaw enabling script/HTML injection, resulting in partial integrity impa...