Lucene search
K

9 matches found

NVD
NVD
added 2025/09/27 10:15 a.m.7 views

CVE-2025-11054

A security vulnerability has been detected in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/category/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

8.8CVSS0.00351EPSS
Exploits1References5
OSV
OSV
added 2025/07/14 9:15 a.m.4 views

CVE-2025-7590

A vulnerability, which was classified as critical, has been found in PHPGurukul Dairy Farm Shop Management System 1.3. This issue affects some unknown processing of the file edit-category.php. The manipulation of the argument categorycode leads to sql injection. The attack may be initiated...

8.8CVSS5.8AI score0.00315EPSS
Exploits1References5
CVE
CVE
added 2025/04/27 12:0 p.m.70 views

CVE-2025-3969

CVE-2025-3969 concerns the Codeprojects News Publishing Site Dashboard 1.0. The vulnerability is in the Edit Category Page’s /edit-category.php where manipulating the category_image argument leads to unrestricted file uploads. This could enable remote attackers to upload arbitrary files, with pot...

9.8CVSS6.5AI score0.00416EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/27 12:0 a.m.7 views

PT-2025-17996 · Unknown · Codeprojects News Publishing Site Dashboard

Name of the Vulnerable Software and Affected Versions: codeprojects News Publishing Site Dashboard version 1.0 Description: A critical issue affects the processing of the file /edit-category.php of the component "Edit Category Page". The manipulation of the argument category image leads to...

9.8CVSS6.3AI score0.00416EPSS
Exploits1References15
CNVD
CNVD
added 2025/04/09 12:0 a.m.2 views

e-Diary Management System edit-category.php File SQL Injection Vulnerability

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the Category parameter of the edit-category.php?id=8 file. An attacker ca...

9.8CVSS8.2AI score0.00514EPSS
Exploits1References1
NVD
NVD
added 2024/01/16 6:15 p.m.23 views

CVE-2024-22625

Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /SupplyManagementSystem/admin/editcategory.php?id=...

7.2CVSS7.4AI score0.00745EPSS
Exploits1References1
OSV
OSV
added 2023/07/25 7:15 a.m.4 views

CVE-2023-3885

A vulnerability was found in Campcodes Beauty Salon Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/editcategory.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely. The...

6.1CVSS3.8AI score0.00493EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.4 views

Online Ordering System SQL注入漏洞

Online Ordering System is a multi-store ordering system that can be used by any small business.An SQL injection vulnerability exists in Online Ordering System version 2.3.2, which originates from /ordering/admin/category/index.php?view=edit&id = The page lacks validation of externally entered SQL...

9.8CVSS6AI score0.01067EPSS
Exploits1References2
WPVulnDB
WPVulnDB
added 2021/09/20 12:0 a.m.9 views

BetterDocs < 1.9.0 - Reflected Cross-Site Scripting

The plugin does not escape the tagID before outputting it back in the edit category page of the admin dashboard, leading to a Reflected Cross-Site Scripting issue PoC https://example.com/wp-admin/term.php?taxonomy=doccategoryID=147"...

0.1AI score
Exploits0Affected Software1
Rows per page
Query Builder