CVE-2025-11426

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbook.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. T...

Library Management System 代码问题漏洞

Library Management System is a library management system with QR code for attendance and automatic generation of library cards by King Albaracin Individual Developer. A code issue vulnerability exists in Library Management System version 1.0, which stems from an incorrect manipulation of the...

CVE-2020-19107

SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to editbook.php, which could let a remote malicious user execute arbitrary code...

XYCMS Cross-Site Scripting Vulnerability

XYCMS is a content management system based on PHP and MySQL. A cross-site scripting vulnerability exists in the system/editbook.php file in XYCMS version 1.7. A remote attacker can exploit this vulnerability by sending a specially crafted request to adddo.php to inject arbitrary web script or HTM...

SQL Injection Vulnerability in xycms edit_book.php Page id Parameter

XYCMS was formerly known as Nanjing XYCMS Enterprise Building System. After XYCMS editbook.php page id parameter exists SQL injection vulnerability, attackers can exploit the vulnerability to obtain database sensitive information...