65 matches found
CVE-2025-6483
A vulnerability has been found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edituser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The...
CVE-2025-6482
A vulnerability, which was classified as critical, was found in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /edituser-exec.php. The manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2025-6482 code-projects Simple Pizza Ordering System edituser-exec.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /edituser-exec.php. The manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit...
Code-Projects Simple Pizza Ordering System Security Vulnerability
Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally supplied input used in SQL statements via the userid parameter in the file /edituser-exec.php. An attacker can exploit thi...
CVE-2022-1457
Stored XSS in title parameter executing at EditUser Page & EditProducto page in GitHub repository neorazorx/facturascripts prior to 2022.04. Cross-site scripting attacks can have devastating consequences. Code injected into a vulnerable application can exfiltrate data or install malware on the...
Cross-site Scripting (XSS)
Overview: librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the billname parameter in edituser.inc.php. PoC: Pass in a billname parameter value like...
Cross-site Scripting (XSS)
Overview: librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the device Display Name field, used at several endpoints including edituser. PoC: Enter a...
CVE-2024-48708
Collabtive 3.1 is vulnerable to Cross-Site Scripting (XSS) via the name parameter in (a) file tasklist.php under action = add/edit and in (b) file admin.php under action = adduser/edituser...
CVE-2024-5051
A vulnerability has been found in SourceCodester Gas Agency Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file edituser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...
Gas Agency Management System SQL Injection Vulnerability
Gas Agency Management System is gas agency management software by individual developer Mayuri K. It is used to manage the daily operations of a gas agency. A SQL injection vulnerability exists in Gas Agency Management System version 1.0, which stems from a parameter id in the file edituser.php...
CVE-2022-3584
A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file edituser.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been...
Canteen Management System Security Vulnerability
Canteen Management System is a cafeteria management system by individual developer Mayuri K. A security vulnerability exists in Canteen Management System version 1.0, which stems from some unknown processing in the file edituser.php being affected, where manipulation of the parameter id may resu...
CVE-2022-41439
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php...
PT-2022-25871 · Unknown · Billing System Project
Name of the Vulnerable Software and Affected Versions: Billing System Project version 1.0 Description: A SQL injection issue was found in the Billing System Project. The vulnerability is exploitable via the id parameter at the "/phpinventory/edituser.php" API endpoint. This allows for potential...
CVE-2022-34952
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edituser.php...
Pharmacy Management System SQL Injection Vulnerability
Pharmacy Management System (MPMS) is a multilingual pharmacy management system from individual developer Mayuri K. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from a lack of validation of externally supplied input used in SQL statements via the id parameter of edituser.php. A...
CVE-2022-2577
A vulnerability classified as critical was found in SourceCodester Garage Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument id with the input -2'%20UNION%20select%2011,user,333,444--+ leads to sql injection. The attack can b...
GHSA-8WP2-VXPG-XCVP Cross site scripting in facturascripts
facturascripts is an open source ERP software. Stored XSS in title parameter executing at EditUser Page & EditProducto page in GitHub repository neorazorx/facturascripts prior to 2022.04. Cross-site scripting attacks can have devastating consequences. Code injected into a vulnerable application can...
Cross site scripting in facturascripts
facturascripts is an open source ERP software. Stored XSS in title parameter executing at EditUser Page & EditProducto page in GitHub repository neorazorx/facturascripts prior to 2022.04. Cross-site scripting attacks can have devastating consequences. Code injected into a vulnerable application can...