7 matches found
EUVD-2022-35077
Malicious code in bioql PyPI...
CVE-2025-4110
A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-teacher.php. The manipulation of the argument mobilenumber leads to SQL injection. The attack may be launched remotely...
PT-2023-24024 · Nxlog · Nxlog Manager
Name of the Vulnerable Software and Affected Versions: NXLog Manager version 5.6.5633. Description: A Cross-Site Scripting (XSS) issue allows an attacker to inject malicious JavaScript into the Full Name field during user edit, due to improper sanitization of the input parameter. This enables the...
CVE-2022-2262 Online Hotel Booking System Room edit_all_room.php sql injection
A vulnerability has been found in Online Hotel Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file edit_all_room.php of the component Room Handler. The manipulation of the argument id with the input...
CVE-2021-24397
The edit functionality in the MicroCopy WordPress plugin through 1.1.0 makes a GET request to fetch the related option. The id parameter used is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection...
SQL injection
The edit functionality in the MicroCopy WordPress plugin through 1.1.0 makes a GET request to fetch the related option. The id parameter used is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection...
MicroCopy <= 1.1.0 - Authenticated SQL Injection
The edit functionality in the plugin makes a GET request to fetch the related option. The id parameter used is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. PoC GET...