CVE-2026-1593

A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/editexpensesquery.php. Executing a manipulation of the argument detail can lead to sql injection. The attack may be launched remotely. The...

Code-Projects Jonnys Liquor SQL注入漏洞

Code-Projects Jonnys Liquor is a content and management system from Code-Projects open source. A SQL injection vulnerability exists in Code-Projects Jonnys Liquor version 1.0, which stems from incorrect manipulation of the parameter Product in the file /detail.php, which could lead to SQL injecti...

EUVD-2025-25709

Malicious code in bioql PyPI...

CVE-2025-3187

A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument logindetail leads to sql injection. The attack may be launched remotely. The exploit...

PHPGurukul e-Diary Management System 安全漏洞

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the logindetail parameter of the login.php file. An attacker can...

PowerJob 安全漏洞

PowerJob is an open source distributed computing and job scheduling framework that allows developers to easily schedule tasks in their applications. A command execution vulnerability exists in PowerJob version 4.3.3, which stems from the parameter instanceId of /instance/detail failing to properl...

CVE-2020-36073

SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the detail parameter of the document.php page...

SUSE CVE-2011-1696

Cross-site scripting XSS vulnerability in Novell Identity Manager aka IDM User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the...

Subscription-Manager 跨站脚本漏洞

Subscription-Manager is a subscription management system by the individual developer of China's JiYouRan youranreus. A cross-site scripting vulnerability exists in Subscription-Manager v1.0, which stems from a lack of filtering and escaping of the machineDetail parameter in /main.js...

CVE-2020-36003

The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases...

CVE-2019-13507

hidea.com AZ Admin 1.0 has newsdet.php?cod= SQL Injection...

CVE-2017-17624

PHP Multivendor Ecommerce 1.0 has SQL Injection via the singledetail.php sid parameter, or the category.php searchcat or chid1 parameter...

CVE-2017-17636

MLM Forced Matrix 2.0.9 has SQL Injection via the news-detail.php newid parameter...

CVE-2008-2746

SQL injection vulnerability in login.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the detail parameter...