PT-2023-20539 · Sourcecodester · Sourcecodester Online Tours & Travels Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Tours & Travels Management System version 1.0 Description: A critical issue was found in the system, affecting the exec function of the disapprove delete.php file. The manipulation of the id argument leads to SQL...

Sql injection

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /librarian/delete.php...

PT-2022-23595 · Unknown · Library Management System

Name of the Vulnerable Software and Affected Versions: Library Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the bookId parameter at the "/admin/delete.php" API endpoint. Recommendations: For Library...

CVE-2022-36727

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /staff/delete.php...

PT-2022-23586 · Unknown · Library Management System

Name of the Vulnerable Software and Affected Versions: Library Management System version 1.0 Description: A SQL injection issue was found in the Library Management System via the bookId parameter at the "/staff/delete.php" API endpoint. Recommendations: For Library Management System version 1.0,...

CVE-2022-25404

Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete.php via the DELETESTR parameter...

CVE-2022-25404

Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete.php via the DELETESTR parameter...

Sql injection

Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete.php via the DELETESTR parameter...

Tongda2000 SQL注入漏洞

Tongda2000 is a web-based intelligent office system from Tongda, China. a SQL injection vulnerability exists in Tongda2000 v11.10, which stems from the product's failure to effectively filter the special characters in the DELETESTR parameter of the delete.php file. An attacker could use this...

CVE-2022-25404

CVE-2022-25404 affects Tongda2000 v11.10, with a SQL injection in delete.php via the DELETE_STR parameter caused by insufficient input filtering. The issue is documented across multiple sources (CNVD/CNNVD/NVD Red Hat etc.) confirming an injectable SQL pathway in that specific version and file. N...

CVE-2022-25404

Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete.php via the DELETESTR parameter...

CVE-2017-1002005

Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/delete.php user input isn't sanitized via the contactid variable before adding it to the end of an SQL query...

UBUNTU-CVE-2017-5930

The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check...

CVE-2017-5930

The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check...

MetInfo 5.3.15 Cross Site Scripting

PSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPS PSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPSPS CVE-2017-6878:MetInfo5.3.15 Stored Cross Site Scripting Application: MetInfo Versions Affected: 5.3.15 Vendor URL: http://www.metinfo.cn/...

TextAds delete.php id Parameter XSS

No description provided by source...

Podcast Generator <= 1.2 unauthorized Re-Installation Remote Exploit

No description provided by source. ?php Podcast Generator = 1.2 unauthorized CMS Re-Installation Remote Exploit by staker -------------------------------------- mail: stakerathotmaildotit url: http://podcastgen.sourceforge.net -------------------------------------- it works with registerglobals=o...

CVE-2012-4393

Multiple cross-site request forgery CSRF vulnerabilities in ownCloud before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users for requests that use 1 addBookmark.php, 2 delBookmark.php, or 3 editBookmark.php in bookmarks/ajax/; 4 calendar/delete.php, 5 calendar/edit.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Simple PHP Blog 0.7.0 and possibly earlier allow remote attackers to inject arbitrary web script or HTML via the 1 entry parameter to delete.php or 2 category parameter to index.php...

CVE-2011-5029

Multiple cross-site scripting XSS vulnerabilities in Simple PHP Blog 0.7.0 and possibly earlier allow remote attackers to inject arbitrary web script or HTML via the 1 entry parameter to delete.php or 2 category parameter to index.php...