56 matches found
CVE-2026-14639
A vulnerability has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/myaccount.php?editaccount. Such manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2026-14639 CodeAstro Ecommerce Website my_account.php sql injection
A vulnerability has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/myaccount.php?editaccount. Such manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The exploit has been...
PT-2026-55722
Name of the Vulnerable Software and Affected Versions CodeAstro Ecommerce Website version 1.0 Description An issue exists that allows remote SQL injection, a technique where malicious SQL statements are inserted into entry fields for execution. This occurs via the c name variable within the...
CVE-2026-12415
The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravelinvoiceeditaccount AJAX action in versions up to, and including, 1.0.0. The handler is exposed via wpajaxnoprivpravelinvoiceeditaccount, accepts an attacker-controlled...
PT-2026-53043
Name of the Vulnerable Software and Affected Versions Invoice Generator versions prior to 1.0.1 Description The Invoice Generator plugin for WordPress allows privilege escalation because it fails to perform a capability check on the pravel invoice edit account AJAX action. The handler is exposed...
Simple Online Hotel Reservation System edit_account.php File SQL Injection Vulnerability
Simple Online Hotel Reservation System is a simple online hotel reservation system. The Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the /admin/editaccount.php file that does not securely filter the adminid parameter. An attacker can explo...
CVE-2025-13170
A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/editaccount.php. Performing a manipulation of the argument adminid results in sql injection. The attack is possible to be carried out remotely. T...
EUVD-2025-197617
A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/editaccount.php. Performing manipulation of the argument adminid results in sql injection. The attack is possible to be carried out remotely. The...
CVE-2025-13170 code-projects Simple Online Hotel Reservation System edit_account.php sql injection
A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/editaccount.php. Performing a manipulation of the argument adminid results in sql injection. The attack is possible to be carried out remotely. T...
CVE-2025-13170
CVE-2025-13170 concerns the Simple Online Hotel Reservation System 1.0. The vulnerability is an SQL injection in the admin/account editing flow, triggered by manipulating the parameter admin_id in /admin/edit_account.php. Multiple connected sources confirm remote exploitation possibilities and th...
PT-2025-46972
Name of the Vulnerable Software and Affected Versions Simple Online Hotel Reservation System version 1.0 Description A flaw exists in the processing of the /admin/edit account.php file within the software. Manipulation of the admin id argument can lead to SQL injection. This issue is potentially...
EUVD-2018-8942
Malware in sbrugna...
EUVD-2025-26223
Malicious code in bioql PyPI...
EUVD-2025-25380
Malicious code in bioql PyPI...
CVE-2025-9663
A vulnerability was identified in code-projects Simple Grading System 1.0. This impacts an unknown function of the file /editaccount.php of the component Admin Panel. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicl...
CVE-2025-9663
A vulnerability was identified in code-projects Simple Grading System 1.0. This impacts an unknown function of the file /editaccount.php of the component Admin Panel. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicl...
CVE-2025-9663
The CVE-2025-9663 entry concerns code-projects Simple Grading System 1.0, specifically the Admin Panel file /edit_account.php. The connected documents indicate a SQL injection vulnerability triggered by manipulating the ID parameter, with remote exploitation possible and publicly available exploi...
CVE-2025-9663 code-projects Simple Grading System Admin Panel edit_account.php sql injection
A vulnerability was identified in code-projects Simple Grading System 1.0. This impacts an unknown function of the file /editaccount.php of the component Admin Panel. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicl...
CVE-2025-9663 code-projects Simple Grading System Admin Panel edit_account.php sql injection
A vulnerability was identified in code-projects Simple Grading System 1.0. This impacts an unknown function of the file /editaccount.php of the component Admin Panel. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicl...
Code-Projects Simple Grading System 安全漏洞
Simple Grading System is a simple grading system. Simple Grading System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID in the file /editaccount.php. An attacker can exploit this vulnerability to execute...