82 matches found
CVE-2025-11477 SourceCodester Wedding Reservation Management System global.php sql injection
A security flaw has been discovered in SourceCodester Wedding Reservation Management System 1.0. This vulnerability affects unknown code of the file /global.php. The manipulation of the argument User results in sql injection. The attack may be launched remotely. The exploit has been released to t...
SourceCodester Wedding Reservation Management System SQL注入漏洞
SourceCodester Wedding Reservation Management System is a SourceCodester open source wedding reservation management system. A SQL injection vulnerability exists in SourceCodester Wedding Reservation Management System version 1.0, which stems from an incorrect manipulation of the parameter User in...
EUVD-2006-4044
Malware in sbrugna...
EUVD-2009-2128
Malware in sbrugna...
EUVD-2002-1901
Malware in sbrugna...
CVE-2025-7611
A vulnerability was found in code-projects Wedding Reservation 1.0. It has been classified as critical. This affects an unknown part of the file /global.php. The manipulation of the argument lu leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed ...
CVE-2025-7611 code-projects Wedding Reservation global.php sql injection
A vulnerability was found in code-projects Wedding Reservation 1.0. It has been classified as critical. This affects an unknown part of the file /global.php. The manipulation of the argument lu leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed ...
CVE-2025-7611 code-projects Wedding Reservation global.php sql injection
A vulnerability was found in code-projects Wedding Reservation 1.0. It has been classified as critical. This affects an unknown part of the file /global.php. The manipulation of the argument lu leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed ...
ekomi.pt XSS vulnerability
Vulnerable URL: http://www.ekomi.pt/vf-global.php?customer=%22%3E%3Cscript%3Ealert%27OPENBUGBOUNTY%27%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 971439 VIP website...
ekomi.es XSS vulnerability
Vulnerable URL: http://www.ekomi.es/vf-global.php?customer=%22%3E%3Cscript%3Ealert%27OPENBUGBOUNTY%27%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 140569 VIP website...
ekomi.de XSS vulnerability
Vulnerable URL: http://www.ekomi.de/vf-global.php?customer=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 35838 VIP website status:| Yes Check ekomi.de SSL connection:| Grade: A...
ekomi.it XSS vulnerability
Vulnerable URL: http://www.ekomi.it/vf-global.php?customer=%22%3E%3Cscript%3Ealert%27OPENBUGBOUNTY%27%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 113892 VIP website...
kingcms任意php文件删除(可截断时升级为任意文件删除 )
简要描述: 设计不当导致任意php文件删除 详细说明: 漏洞文件:global.php 好像是所有php文件都会调用该文件,该文件如下代码 //当cachepath值被提交过来的时候,删除对应的临时缓存文件 if!empty$POST'cachepath' $cachepath=ROOT.PATHCACHE.'/'.$POST'cachepath'.'.php'; ifisfile$cachepath unlink$cachepath;...
QiboCMS /admin/global.php 代码执行漏洞
No description provided by source...
MCMS 3.1.3 最新版sql注入与任意文件读取
简要描述: rt 详细说明: 先看看任意文件读取。 上次提交的这个 WooYun: mcms v3.1.0 sql注入+任意文件读取。 厂商的做法是 $wx=new weixin; $GET = H::sqlxss$GET; $POST = H::sqlxss$POST; ........... function responsemsg global $dbm,$C; $postStr = $GLOBALS"HTTPRAWPOSTDATA"; if!empty$postStr $postObj = simplexmlloadstring$postStr,...
PHP Live Helper <= 2.0 (abs_path) Remote File Inclusion Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV43$2006 ------------------------------------------------------------------------------ ECHOADV43$2006 PHP Live Helper = 2.0 abspath Remote File Inclusion...
VBulletin 2.3.x Global.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20214/info vBulletin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
4images 1.7.8 - Remote File Inclusion Vulnerability
1.漏洞分析 global.php php includeonce$dbservertype; 直接包含文件产生了包含漏洞。 2.漏洞利用 http://host/global.php?dbservertype=shell...
pNews <= 1.1.0 (nbs) Remote File Include Vulnerability
No description provided by source. PowerNews v1.1.0 nbs Remote File Inclusion Affected Software .: PowerNews v1.1.0 Download..: http://sourceforge.net/project/showfiles.php?groupid=35550 Class .............: Remote File Inclusion Risk ..............: high Found by ..........: CvIr.System Contact...
songcms 3.16 /global.php SQL注入漏洞
No description provided by source...