Lucene search

12 matches found

RedhatCVE
added 2026/02/03 3:11 a.m. | 4 views

CVE-2026-1733

A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...

5.3 CVSS | 5.3 AI score | 0.00019 EPSS
Exploits 1 | References 1

NVD
added 2026/02/01 11:15 p.m. | 5 views

CVE-2026-1733

A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...

5.3 CVSS | 0.00019 EPSS
Exploits 1 | References 5

CNVD
added 2025/11/18 12:0 a.m. | 3 views

mall-swarm authorization issue vulnerability (CNVD-2026-10879)

mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from the mishandling of the orderId parameter in the detail function in file /order/detail. No details of the vulnerability are provided at this time...

5.3 CVSS | 5.6 AI score | 0.00041 EPSS
Exploits 1 | References 1

CNNVD
added 2025/11/13 12:0 a.m. | 1 views

mall-swarm authorization issue vulnerability

mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from the mishandling of the orderId parameter in the detail function in file /order/detail. No details of the vulnerability are provided at this time...

5.3 CVSS | 5.8 AI score | 0.00041 EPSS
Exploits 1 | References 7

CNNVD
added 2025/07/12 12:0 a.m. | 1 views

PHPGurukul Vehicle Parking Management System injection vulnerability

Vehicle Parking Management System is a parking management system. Vehicle Parking Management System suffers from a SQL injection vulnerability that stems from an error in the parameter viewid in the file /users/view--detail.php that lacks validation of externally entered SQL statements. An attack...

8.8 CVSS | 8.1 AI score | 0.00268 EPSS
Exploits 1 | References 6

OSV
added 2025/06/19 2:15 p.m. | 0 views

CVE-2025-6267

A vulnerability was found in zhilink 智互联深圳科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /adpweb/a/base/barcodeDetail/. The manipulation of the argument barcodeNo/barcode/itemNo leads to sql injection...

9.8 CVSS | 5.8 AI score
Exploits 0 | References 3

CNNVD
added 2025/06/04 12:0 a.m. | 1 views

PHPGurukul Curfew e-Pass Management System injection vulnerability

Curfew e-Pass Management System is an electronic pass management system. Curfew e-Pass Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter editid in the file /admin/edit-category-detail.ph...

9.8 CVSS | 8.2 AI score | 0.00204 EPSS
Exploits 1 | References 5

OSV
added 2024/03/18 2:15 p.m. | 1 views

CVE-2024-2591

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetailgroup.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...

7.5 CVSS | 5.9 AI score
Exploits 0 | References 1

OSV
added 2023/07/28 3:30 p.m. | 3 views

GHSA-2H26-QFXM-R3PQ Code injection in PowerJob

PowerJob v4.3.3 was discovered to contain a remote command execution (RCE) vulnerability via the instanceId parameter at /instance/detail...

9.8 CVSS | 6.2 AI score | 0.6087 EPSS
Exploits 1 | References 4

ATTACKERKB
added 2023/07/28 3:15 p.m. | 1 views

CVE-2023-37754

PowerJob v4.3.3 was discovered to contain a remote command execution (RCE) vulnerability via the instanceId parameter at /instance/detail...

9.8 CVSS | 7.6 AI score | 0.6087 EPSS
Exploits 1 | References 4

CNNVD
added 2023/01/13 12:0 a.m. | 1 views

Online Health Care System SQL injection vulnerability

Online Health Care System is an online health care system by janobe individual developers. A security vulnerability exists in Online Health Care System v1.0, which stems from the consultingid parameter in its /healthcare/Admin/consultingdetail.php file that allows an attacker to implement SQL...

9.8 CVSS | 8.6 AI score | 0.0025 EPSS
Exploits 1 | References 2

OSV
added 2022/09/26 2:15 p.m. | 1 views

CVE-2022-40485

Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /packagedetail.php...

9.8 CVSS | 5.8 AI score
Exploits 0 | References 1