9 matches found
CVE-2025-11054
A security vulnerability has been detected in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/category/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-7590
A vulnerability, which was classified as critical, has been found in PHPGurukul Dairy Farm Shop Management System 1.3. This issue affects some unknown processing of the file edit-category.php. The manipulation of the argument categorycode leads to sql injection. The attack may be initiated...
CVE-2025-3969
CVE-2025-3969 concerns the Codeprojects News Publishing Site Dashboard 1.0. The vulnerability is in the Edit Category Page’s /edit-category.php where manipulating the category_image argument leads to unrestricted file uploads. This could enable remote attackers to upload arbitrary files, with pot...
PT-2025-17996 · Unknown · Codeprojects News Publishing Site Dashboard
Name of the Vulnerable Software and Affected Versions: codeprojects News Publishing Site Dashboard version 1.0 Description: A critical issue affects the processing of the file /edit-category.php of the component "Edit Category Page". The manipulation of the argument category image leads to...
e-Diary Management System edit-category.php File SQL Injection Vulnerability
The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the Category parameter of the edit-category.php?id=8 file. An attacker ca...
CVE-2024-22625
Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /SupplyManagementSystem/admin/editcategory.php?id=...
CVE-2023-3885
A vulnerability was found in Campcodes Beauty Salon Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/editcategory.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely. The...
Online Ordering System SQL注入漏洞
Online Ordering System is a multi-store ordering system that can be used by any small business.An SQL injection vulnerability exists in Online Ordering System version 2.3.2, which originates from /ordering/admin/category/index.php?view=edit&id = The page lacks validation of externally entered SQL...
BetterDocs < 1.9.0 - Reflected Cross-Site Scripting
The plugin does not escape the tagID before outputting it back in the edit category page of the admin dashboard, leading to a Reflected Cross-Site Scripting issue PoC https://example.com/wp-admin/term.php?taxonomy=doccategoryID=147"...