School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting

School Dormitory Management System 1.0 contains an authenticated cross-site scripting vulnerability in admin/inc/navigation.php:126. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-base...

School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting

School Dormitory Management System 1.0 contains an authenticated cross-site scripting vulnerability via admin/inc/navigation.php:125. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-bas...

School Dormitory Management System 1.0 - SQL Injection

School Dormitory Management System 1.0 contains a SQL injection vulnerability via accounts/paymenthistory.php:31. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-30512 info:...

EUVD-2022-52039

Malicious code in bioql PyPI...

EUVD-2024-16269

Malicious code in bioql PyPI...

EUVD-2025-24964

Malicious code in bioql PyPI...

EUVD-2025-25197

Malicious code in bioql PyPI...

EUVD-2024-16268

Malicious code in bioql PyPI...

EUVD-2024-16267

Malicious code in bioql PyPI...

EUVD-2022-52657

Malicious code in bioql PyPI...

EUVD-2022-52374

Malicious code in bioql PyPI...

EUVD-2022-52375

Malicious code in bioql PyPI...

EUVD-2024-16270

Malicious code in bioql PyPI...

CVE-2025-9150

A vulnerability was identified in Surbowl dormitory-management-php up to 9f1d9d1f528cabffc66fda3652c56ff327fda317. Affected is an unknown function of the file /admin/violationadd.php?id=2. Such manipulation of the argument ID leads to sql injection. The attack may be performed from a remote...

CVE-2025-9150

An SQL injection vulnerability exists in Surbowl dormitory-management-php (up to commit 9f1d9d1f528cabffc66fda3652c56ff327fda317) via manipulation of the id parameter in /admin/violation_add.php. It can be exploited remotely, and an exploit is publicly available. Rolling release means version inf...

CVE-2025-9150 Surbowl dormitory-management-php violation_add.php sql injection

A vulnerability was identified in Surbowl dormitory-management-php up to 9f1d9d1f528cabffc66fda3652c56ff327fda317. Affected is an unknown function of the file /admin/violationadd.php?id=2. Such manipulation of the argument ID leads to sql injection. The attack may be performed from a remote...

dormitory-management-php 注入漏洞

dormitory-management-php is a school dormitory management system by the individual developer Jayden Cai. An injection vulnerability exists in dormitory-management-php that stems from SQL injection due to incorrect manipulation of the parameter ID in the file /admin/violationadd.php...

PT-2025-33821 · Surbowl · Dormitory-Management-Php

Name of the Vulnerable Software and Affected Versions: Surbowl dormitory-management-php versions prior to 9f1d9d1f528cabffc66fda3652c56ff327fda317 Description: A SQL injection issue exists in Surbowl dormitory-management-php. The issue is located in the /admin/violation add.php file, specifically...

CVE-2025-9002

A vulnerability was identified in Surbowl dormitory-management-php 1.0. This affects an unknown part of the file login.php. The manipulation of the argument Account leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-9002

A vulnerability was identified in Surbowl dormitory-management-php 1.0. This affects an unknown part of the file login.php. The manipulation of the argument Account leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...