139 matches found
News Portal Project /edit-subadmin.php File SQL Injection Vulnerability
News Portal Project is a news portal project. News Portal Project suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter emailid in the file /admin/edit-subadmin.php. An attacker can exploit this vulnerability t...
CVE-2022-30827
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\packageedit.php...
PT-2025-3917 · Fanli2012 · Native-Php-Cms
Name of the Vulnerable Software and Affected Versions: Fanli2012 native-php-cms version 1.0 Description: A critical issue has been found in the software, affecting some unknown functionality of the file /fladmin/cat edit.php. The manipulation of the id argument leads to SQL injection. This issue...
native-php-cms 安全漏洞
native-php-cms is a website builder system for FLi individual developers. A security vulnerability exists in native-php-cms version 1.0, which stems from a parameter id in the file /fladmin/catedit.php that can lead to SQL injection...
PT-2024-34430 · Unknown · Kashipara E-Learning Management System Project
Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System Project version 1.0 Description: A SQL Injection issue was found in the /admin/edit class.php file via the class name parameter. This allows for potential exploitation. Recommendations: For kashipara...
PT-2024-16582 · Unknown · Romadebrian Web-Sekolah
Name of the Vulnerable Software and Affected Versions: romadebrian WEB-Sekolah version 1.0 Description: A vulnerability has been found in the file /Admin/akun edit.php of the component Backend. The manipulation of the argument kode leads to cross site scripting. It is possible to launch the attac...
PT-2024-39539 · Unknown · Bg5Sbk Minicms
Name of the Vulnerable Software and Affected Versions: bg5sbk MiniCMS versions up to 1.11 Description: A vulnerability was found in bg5sbk MiniCMS, affecting some unknown processing of the file post-edit.php, leading to cross-site request forgery. The attack may be initiated remotely. The exploit...
PT-2024-39540 · Unknown · Bg5Sbk Minicms
Name of the Vulnerable Software and Affected Versions: bg5sbk MiniCMS version 1.11 Description: A vulnerability was found in bg5sbk MiniCMS, classified as problematic. It affects an unknown function of the file page-edit.php, leading to cross-site request forgery. The attack can be launched...
PT-2024-32089 · Enms · Enms
Name of the Vulnerable Software and Affected Versions: eNMS versions 4.4.0 through 4.7.1 Description: The issue is related to Directory Traversal via edit file. This allows unauthorized access to sensitive files and directories. Recommendations: For versions 4.4.0 through 4.7.1, consider...
eNMS 安全漏洞
eNMS is a network automation platform from eNMS Open Source. A security vulnerability exists in eNMS versions prior to 4.4.0 through 4.7.1, which stems from vulnerability to directory traversal attacks via editfile...
PT-2024-10015 · Gogs · Gogs
Name of the Vulnerable Software and Affected Versions: Gogs versions =0.13.0 Description: The issue is related to a Directory Traversal vulnerability via the editFilePost function in the internal/route/repo/editor.go file. This vulnerability is caused by improper restriction of the directory path...
CVE-2024-3428
A vulnerability has been found in SourceCodester Online Courseware 1.0 and classified as problematic. This vulnerability affects unknown code of the file edit.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclos...
Online Courseware 安全漏洞
DPEC Online Courseware is an online courseware system from DPEC Corporation. A security vulnerability exists in Online Courseware version 1.0, which can be exploited for cross-site scripting attacks due to the id parameter in the edit.php file...
Online Courseware SQL注入漏洞
DPEC Online Courseware is an online courseware system from DPEC Corporation. A SQL injection vulnerability exists in version 1.0 of Online Courseware, which originates from an SQL injection attack on the id parameter of the admin/edit.php file...
PT-2024-24659 · Unknown · Sourcecodester Internship Portal Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Internship Portal Management System version 1.0 Description: A critical issue has been found in the SourceCodester Internship Portal Management System, affecting the processing of the file admin/edit admin.php. The manipulation...
CVE-2024-1702
A vulnerability was found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /edit.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the publi...
PT-2024-18235 · Unknown · Keerti1924 Php-Mysql-User-Login-System
Name of the Vulnerable Software and Affected Versions: keerti1924 PHP-MYSQL-User-Login-System version 1.0 Description: A critical issue was found in the keerti1924 PHP-MYSQL-User-Login-System, affecting some unknown functionality of the file /edit.php. This issue leads to sql injection and can be...
Supplier Management System Security Vulnerability
Supplier Management System is a supplier management system. A security vulnerability exists in Campcodes Supplier Management System v1.0, which originates from a SQL injection vulnerability in the file editretailer.php...
PT-2024-15431 · Unknown · Kashipara Food Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Food Management System versions up to 1.0 Description: A critical vulnerability has been found in the Kashipara Food Management System. This issue affects the file addmaterial edit.php, where the manipulation of the id argument lead...
PT-2024-15439 · Unknown · Kashipara Food Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Food Management System versions up to 1.0 Description: A critical issue was found in the Kashipara Food Management System. The manipulation of the id argument in an unknown function of the file item list edit.php leads to SQL...