EUVD-2024-17650

Malicious code in bioql PyPI...

CVE-2025-10098

A security flaw has been discovered in PHPGurukul User Management System 1.0. Affected is an unknown function of the file /admin/edit-user-profile.php. The manipulation of the argument uid results in sql injection. The attack may be performed from remote. The exploit has been released to the publ...

CVE-2025-10098 PHPGurukul User Management System edit-user-profile.php sql injection

A security flaw has been discovered in PHPGurukul User Management System 1.0. Affected is an unknown function of the file /admin/edit-user-profile.php. The manipulation of the argument uid results in sql injection. The attack may be performed from remote. The exploit has been released to the publ...

CVE-2025-10098

PHPGurukul User Management System 1.0 has a SQL injection in /admin/edit-user-profile.php when the uid argument is manipulated. The vulnerability is exploitable remotely, and public exploits have been released. The CVE is corroborated across NVD and other feeds (Red Hat, CVE List, PT Security) wi...

CVE-2024-1928

A vulnerability, which was classified as critical, has been found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit-admin.php of the component Edit User Profile Page. The manipulation of the argument Fullname lea...

Sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit-admin.php of the component Edit User Profile Page. The manipulation of the argument Fullname lea...

CVE-2024-1928 SourceCodester Web-Based Student Clearance System Edit User Profile Page edit-admin.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit-admin.php of the component Edit User Profile Page. The manipulation of the argument Fullname lea...

CVE-2024-1928 SourceCodester Web-Based Student Clearance System Edit User Profile Page edit-admin.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit-admin.php of the component Edit User Profile Page. The manipulation of the argument Fullname lea...

Stored XSS in Edit user member profile

Description When making changes to update information, there is a country parameter to insert the xss payload Step 1 : Update user Personal information Proof of Concept // PoC request: // payload: "alertString.fromCharCode88,83 POST /pbboard/index.php?page=usercp&control=1&info=1&start=1 HTTP/1.1...

VulnCheck KEV: CVE-2021-34622

A vulnerability in the user profile update component found in the /src/Classes/EditUserProfile.php file of the ProfilePress WordPress plugin made it possible for users to escalate their privileges to that of an administrator while editing their profile. This issue affects versions 3.0.0 - 3.1.3...

CVE-2010-5284

Multiple cross-site scripting XSS vulnerabilities in Collabtive 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the 1 User parameter in the edit user profile feature to manageuser.php, 2 y parameter in a newcal action to manageajax.php, and the 3 pic parameter to thumb.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Collabtive 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the 1 User parameter in the edit user profile feature to manageuser.php, 2 y parameter in a newcal action to manageajax.php, and the 3 pic parameter to thumb.php...

CVE-2010-5284

Multiple cross-site scripting XSS vulnerabilities in Collabtive 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the 1 User parameter in the edit user profile feature to manageuser.php, 2 y parameter in a newcal action to manageajax.php, and the 3 pic parameter to thumb.php...

CVE-2010-5284

Multiple cross-site scripting XSS vulnerabilities in Collabtive 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the 1 User parameter in the edit user profile feature to manageuser.php, 2 y parameter in a newcal action to manageajax.php, and the 3 pic parameter to thumb.php...