Internship Portal Management System 安全漏洞

Internship Portal Management System is an internship portal management system by ChatikoboL individual developer. A security vulnerability exists in version 1.0 of the Internship Portal Management System due to an SQL injection vulnerability in the adminid parameter of the admin/editadmin.php fil...

CVE-2024-28681

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/plusedit.php...

CVE-2024-1701

A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been...

Stupid Simple CMS Security Vulnerability

Stupid Simple CMS is a content management system by codelyfe individual developer. A security vulnerability exists in Stupid Simple CMS version 1.2.4, which contains a cross-site request forgery CSRF vulnerability via the component /admin-edit.php...

PT-2023-24354 · Unknown · Remote Clinic

Name of the Vulnerable Software and Affected Versions: RemoteClinic version 2.0 Description: The issue is a SQL injection vulnerability located in the /staff/edit.php file. This vulnerability can be exploited through the username and password variables. Recommendations: For RemoteClinic version...

Saad Irfan RemoteClinic Security Vulnerability

Saad Irfan RemoteClinic is a Saad Irfan open source application. Provides the ability to remotely manage your clinic via the Web. A security vulnerability exists in RemoteClinic version 2.0, which stems from a SQL injection vulnerability in the file /staff/edit.php...

CVE-2023-31939

SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomerid parameter at customeredit.php...

CVE-2023-38838

SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the edit.php component...

seccome Ehoney 安全漏洞

seccome Ehoney is a secure, fast, highly interactive, enterprise-class honeypot management system from China seccome open source. A security vulnerability exists in seccome Ehoney, which stems from the manipulation of the parameter id in an unknown part of its file Admin/edit-admin.php leading to...

Simple Online Book Store System 跨站脚本漏洞

Simple Online Book Store System is a simple online bookstore system by Carlo Montero, an individual developer. Simple Online Book Store System suffers from a cross-site scripting vulnerability, which stems from an unknown function in its /admin/edit.php component that operates on the parameter ei...

The vulnerability of the pages.edit.php component in the FlatCore CMS system allows attackers to perform cross-site scripting attacks.

The vulnerability of the pages.edit.php component in the FlatCore CMS content management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVE-2022-28017

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\overtimeedit.php...

getsimplecms 跨站脚本漏洞

GetSimple CMS is an XML-based, completely self-contained, streamlined content management system. A cross-site scripting vulnerability exists in admin/edit.php in GetSimple CMS version 3.4.0a. An attacker can exploit this vulnerability to conduct a cross-site scripting attack...

CVE-2020-19109

SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to adminedit.php, which could let a remote malicious user execute arbitrary code...

anchor CMS Cross-Site Request Forgery Vulnerability

Anchor is an open source lightweight blogging system. anchorcms 0.12.7 cross-site request forgery vulnerability exists , the vulnerability stems from anchor/views/users/edit.php can change the deletion of administrative users...

CVE-2018-18797

School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php...

Cagintranet GetSimple CMS Cross-Site Scripting Vulnerability

Cagintranet GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A cross-site scripting vulnerability exists in the admin/edit.php page in Cagintranet...

GetSimple CMS suffers from multiple cross-site scripting vulnerabilities (CNVD-2015-04182)

GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A cross-site scripting vulnerability exists in Cagintranet Networks GetSimple CMS versions prior to...

YourPlace <= 1.0.2 Multiple Remote Vulnerabilities + RCE Exploit

Exploit for unknown platform in category web applications ================================================================ YourPlace = 1.0.2 Multiple Remote Vulnerabilities + RCE Exploit ================================================================ START 0x01 Informations: Script : YourPlace 0...

PT-2005-4742 · Sapid · Sapid Cms

Name of the Vulnerable Software and Affected Versions: SAPID CMS versions prior to 1.2.3.03 Description: The issue allows remote attackers to bypass authentication by making direct requests to certain files, including insert file.php, insert image.php, insert link.php, insert qcfile.php, and...