81 matches found

Vulnrichment
added 3 days ago, 4 views

CVE-2026-10248 SourceCodester Pharmacy Sales and Inventory System Supplier Creation export create_supplier csv injection

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function createsupplier of the file /Exportcsv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection...

CVSS 5.8, AI score 5.5, EPSS 0.00051
Exploits: 0, References: 6

GithubExploit
added 2026/04/11 7:14 p.m., 79 views

Exploit for Path Traversal in Redaxo

CVE-2026-21857: Redaxo has Path Traversal in Backup Addon Lead...

CVSS 8.3, AI score 5.9, EPSS 0.00027
Exploits: 3

OSV
added 2026/01/07 10:32 p.m., 1 view

CVE-2026-21857 Redaxo has Path Traversal in Backup Addon Leading to Arbitrary File Read

REDAXO is a PHP-based content management system. Prior to version 5.20.2, authenticated users with backup permissions can read arbitrary files within the webroot via path traversal in the Backup addon's file export functionality. The Backup addon does not validate the EXPDIR POST parameter agains...

CVSS 8.3, AI score 6.4, EPSS 0.00027
Exploits: 3, References: 4

CVE
added 2025/12/08 12:0 a.m., 23 views

CVE-2025-60912

CVE-2025-60912 affects phpIPAM v1.7.3 and describes a CSRF flaw in the database export path. The vulnerability is caused by the generate-mysql.php function under /app/admin/import-export/, which can allow a remote attacker to trigger large database dump downloads if an administrator has an active...

CVSS 3.3, AI score 6.6, EPSS 0.00123
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2025/11/06 7:59 p.m., 4 views

CVE-2022-50589 SuiteCRM < 7.12.6 SQL Injection via 'export' Functionality

SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerability within the processing of the ‘uid’ parameter within the ‘export’ functionality. Successful exploitation allows remote unauthenticated attackers to ultimately execute arbitrary code...

CVSS 9.3, EPSS 0.00225
Exploits: 0, References: 3

CVE
added 2025/11/06 7:59 p.m., 10 views

CVE-2022-50589

SuiteCRM versions before 7.12.6 are affected by a SQL injection vulnerability in the export functionality, triggered by processing the uid parameter. The root cause, per multiple sources, is improper sanitization of the SQL query structure, enabling remote unauthenticated attackers to execute arb...

CVSS 9.8, AI score 8.1, EPSS 0.00225
Exploits: 0, References: 3, Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2014-8952

Malware in sbrugna...

CVSS 6.5, AI score 6.5, EPSS 0.00214
Exploits: 3, References: 3

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2016-10651

Malware in sbrugna...

CVSS 5.3, AI score 5.6, EPSS 0.00501
Exploits: 0, References: 6

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2016-7527

Malware in sbrugna...

CVSS 8.1, AI score 8.7, EPSS 0.0055
Exploits: 0, References: 7

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-18085

Malware in sbrugna...

CVSS 8.8, AI score 8.6, EPSS 0.09532
Exploits: 1, References: 2

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2016-7531

Malware in sbrugna...

CVSS 8.1, AI score 8.4, EPSS 0.00309
Exploits: 0, References: 5

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2016-10652

Malware in sbrugna...

CVSS 5.3, AI score 5.6, EPSS 0.00501
Exploits: 0, References: 6

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2016-10650

Malware in sbrugna...

CVSS 5.3, AI score 5.6, EPSS 0.00501
Exploits: 0, References: 6

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2022-42771

Malicious code in bioql PyPI...

CVSS 7.2, AI score 6.9, EPSS 0.01276
Exploits: 2, References: 1

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2021-28547

Malicious code in bioql PyPI...

CVSS 5.3, AI score 6.6, EPSS 0.00095
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2022-5995

Malicious code in bioql PyPI...

CVSS 4.3, AI score 4.7, EPSS 0.00148
Exploits: 0, References: 7

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-4272

Malicious code in bioql PyPI...

CVSS 4.8, AI score 5.4, EPSS 0.01801
Exploits: 0, References: 2

Tenable Nessus
added 2025/08/24 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2016-6611

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export...

CVSS 8.1, AI score 8.2, EPSS 0.0055
Exploits: 0, References: 2

RedhatCVE
added 2025/08/06 8:37 p.m., 2 views

CVE-2025-8523

A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.fruitcrush.fun. The manipulation leads to improper export of android...

CVSS 5.3, AI score 5.1, EPSS 0.00054
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 5:26 a.m., 7 views

CVE-2019-8227

In Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with limited administrative privileges can inject arbitrary JavaScript code via import / export functionality when creating profile action XML...

CVSS 4.8, AI score 6.9, EPSS 0.01801
Exploits: 0, References: 1