4 matches found
EUVD-2026-20787
A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /delete.php of the component GET Parameter Handler. This manipulation of the argument ID causes cross site scripting. Remote exploitation of the attack is possible. The exploit has...
TONGDA Office Anywhere Security Breach
TONGDA Office Anywhere is a collaborative office OA system. A security vulnerability exists in TONGDA Office Anywhere v2017 11.9 and earlier versions, which originates from a SQL injection vulnerability in the file /affair/delete.php...
CVE-2023-6052 Tongda OA 2017 delete.php sql injection
A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. Affected is an unknown function of the file general/system/censorwords/module/delete.php. The manipulation of the argument DELETESTR leads to sql injection. The exploit has been disclosed to the public and may be...
Server side request forgery (ssrf)
delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote attackers to delete arbitrary blog posts via a direct request...