Lucene search
+L

56 matches found

NVD
NVD
added 2026/07/04 6:16 p.m.12 views

CVE-2026-14639

A vulnerability has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/myaccount.php?editaccount. Such manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The exploit has been...

6.5CVSS0.002EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/04 6:0 p.m.35 views

CVE-2026-14639 CodeAstro Ecommerce Website my_account.php sql injection

A vulnerability has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/myaccount.php?editaccount. Such manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The exploit has been...

6.5CVSS0.002EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.12 views

PT-2026-55722

Name of the Vulnerable Software and Affected Versions CodeAstro Ecommerce Website version 1.0 Description An issue exists that allows remote SQL injection, a technique where malicious SQL statements are inserted into entry fields for execution. This occurs via the c name variable within the...

6.5CVSS6.7AI score0.002EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/06/27 4:30 a.m.17 views

CVE-2026-12415

The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravelinvoiceeditaccount AJAX action in versions up to, and including, 1.0.0. The handler is exposed via wpajaxnoprivpravelinvoiceeditaccount, accepts an attacker-controlled...

9.8CVSS5.8AI score0.00662EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.17 views

PT-2026-53043

Name of the Vulnerable Software and Affected Versions Invoice Generator versions prior to 1.0.1 Description The Invoice Generator plugin for WordPress allows privilege escalation because it fails to perform a capability check on the pravel invoice edit account AJAX action. The handler is exposed...

9.8CVSS5.8AI score0.00662EPSS
Exploits0References10
CNVD
CNVD
added 2025/11/18 12:0 a.m.8 views

Simple Online Hotel Reservation System edit_account.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. The Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the /admin/editaccount.php file that does not securely filter the adminid parameter. An attacker can explo...

9.8CVSS8.3AI score0.00382EPSS
Exploits1References1
NVD
NVD
added 2025/11/14 4:15 p.m.7 views

CVE-2025-13170

A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/editaccount.php. Performing a manipulation of the argument adminid results in sql injection. The attack is possible to be carried out remotely. T...

9.8CVSS0.00382EPSS
Exploits1References7
EUVD
EUVD
added 2025/11/14 4:2 p.m.6 views

EUVD-2025-197617

A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/editaccount.php. Performing manipulation of the argument adminid results in sql injection. The attack is possible to be carried out remotely. The...

7.5CVSS6.6AI score0.00382EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/11/14 4:2 p.m.4 views

CVE-2025-13170 code-projects Simple Online Hotel Reservation System edit_account.php sql injection

A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/editaccount.php. Performing a manipulation of the argument adminid results in sql injection. The attack is possible to be carried out remotely. T...

7.5CVSS7.2AI score0.00382EPSS
Exploits1References7
CVE
CVE
added 2025/11/14 4:2 p.m.20 views

CVE-2025-13170

CVE-2025-13170 concerns the Simple Online Hotel Reservation System 1.0. The vulnerability is an SQL injection in the admin/account editing flow, triggered by manipulating the parameter admin_id in /admin/edit_account.php. Multiple connected sources confirm remote exploitation possibilities and th...

9.8CVSS7.2AI score0.00382EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/14 12:0 a.m.9 views

PT-2025-46972

Name of the Vulnerable Software and Affected Versions Simple Online Hotel Reservation System version 1.0 Description A flaw exists in the processing of the /admin/edit account.php file within the software. Manipulation of the admin id argument can lead to SQL injection. This issue is potentially...

7.5CVSS7.1AI score0.00382EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-8942

Malware in sbrugna...

5.4CVSS5.5AI score0.00632EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-26223

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00437EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25380

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00264EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/08/31 5:14 p.m.7 views

CVE-2025-9663

A vulnerability was identified in code-projects Simple Grading System 1.0. This impacts an unknown function of the file /editaccount.php of the component Admin Panel. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicl...

8.8CVSS7.5AI score0.00437EPSS
Exploits1References1
OSV
OSV
added 2025/08/29 5:15 p.m.8 views

CVE-2025-9663

A vulnerability was identified in code-projects Simple Grading System 1.0. This impacts an unknown function of the file /editaccount.php of the component Admin Panel. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicl...

8.8CVSS5.7AI score0.00437EPSS
Exploits1References5
CVE
CVE
added 2025/08/29 5:2 p.m.17 views

CVE-2025-9663

The CVE-2025-9663 entry concerns code-projects Simple Grading System 1.0, specifically the Admin Panel file /edit_account.php. The connected documents indicate a SQL injection vulnerability triggered by manipulating the ID parameter, with remote exploitation possible and publicly available exploi...

8.8CVSS7.1AI score0.00437EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/08/29 5:2 p.m.11 views

CVE-2025-9663 code-projects Simple Grading System Admin Panel edit_account.php sql injection

A vulnerability was identified in code-projects Simple Grading System 1.0. This impacts an unknown function of the file /editaccount.php of the component Admin Panel. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicl...

6.5CVSS0.00437EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/08/29 5:2 p.m.2 views

CVE-2025-9663 code-projects Simple Grading System Admin Panel edit_account.php sql injection

A vulnerability was identified in code-projects Simple Grading System 1.0. This impacts an unknown function of the file /editaccount.php of the component Admin Panel. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicl...

6.5CVSS7.1AI score0.00437EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/29 12:0 a.m.4 views

Code-Projects Simple Grading System 安全漏洞

Simple Grading System is a simple grading system. Simple Grading System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID in the file /editaccount.php. An attacker can exploit this vulnerability to execute...

8.8CVSS8.1AI score0.00437EPSS
Exploits1References7
Rows per page
Query Builder