53 matches found
CVE-2024-36670
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component admin/vpsClassdeal.php?mudi=del...
PT-2024-27111 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in the admin/type deal.php component, specifically via the mudi=del parameter. This allows for unauthorized actions to be performed. Recommendations: F...
PHPGurukul Student Record System SQL注入漏洞
Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the del parameter of the file /manage-courses.php?del=1. An attacker can exploit this vulnerability t...
CVE-2024-3089
A vulnerability has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/manage-ambulance.php of the component Manage Ambulance Page. The manipulation of the argument del leads to cross-site reques...
PHPGurukul Emergency Ambulance Hiring Portal 安全漏洞
Emergency Ambulance Hiring Portal is an emergency ambulance hiring portal. The Emergency Ambulance Hiring Portal suffers from a cross-site request forgery vulnerability that originates in the parameter del of the file /admin/manage-ambulance.php of the component manage ambulance Page that does no...
CVE-2024-2481
A vulnerability, which was classified as critical, was found in Surya2Developer Hostel Management System 1.0. Affected is an unknown function of the file /admin/manage-students.php. The manipulation of the argument del leads to improper access controls. It is possible to launch the attack remotel...
ForU CMS Security Vulnerability
ForU CMS is an open source website builder from ForU. A security vulnerability exists in ForU CMS, which stems from an incorrect operation of the parameter del that can lead to a denial of service...
Poultry Farm Management System SQL注入漏洞
Poultry Farm Management System is a full-featured poultry management system. A security vulnerability exists in Poultry Farm Management System v1.0, which was discovered to contain a SQL injection vulnerability via the del parameter of /Redcock-Farm/farm/category.php...
CVE-2022-36733
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the MId parameter at /admin/del.php...
Sql injection
An issue was discovered in AikCms v2.0. There is a SQL Injection vulnerability via $GET'del', as demonstrated by an admin/page/system/nav.php?del= URI...
Electric Sheep Fencing Pfsense WebGUI Cross-Site Scripting Vulnerability
Electric Sheep Fencing pfsense is a free and open source FreeBSD-based firewall and router software from Electric Sheep Fencing. A cross-site scripting vulnerability exists in the WebGUI of Electric Sheep Fencing pfSense versions prior to 2.2.3, which stems from the servicescaptiveportalzones.php...
CVE-2007-2350
admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter...
CVE-2007-2350
admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter...