33 matches found
CVE-2026-47242 Net::IMAP: Command Injection via ID command argument
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, when Net::IMAP#id is called with a hash argument, although the ID field value strings are correctly quoted (escaping quoted specials), they were not validated to prohibit CRLF sequence...
Net::IMAP: Command Injection via ID command argument
Summary: Two Net::IMAP commands, id and enable, do not validate their arguments. Arguments to either command could be used by an attacker to inject arbitrary IMAP commands. Please note that passing untrusted inputs to these commands is usually inappropriate and expected to be uncommon. Details: Whe...
CVE-2026-10261
A flaw has been found in CodeAstro Online Job Portal 1.0. This affects an unknown function of the file /users/applicationstatus.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used...
CVE-2026-9416
A security vulnerability has been detected in code-projects Employee Management System 1.0. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument ID leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed publicly...
CVE-2026-3993
A security vulnerability has been detected in itsourcecode Payroll Management System 1.0. This vulnerability affects unknown code of the file /manageemployeedeductions.php. Such manipulation of the argument ID leads to cross site scripting. The attack may be launched remotely. The exploit has bee...
PT-2025-52614
Name of the Vulnerable Software and Affected Versions: SeaCMS versions up to 13.3 Description: A SQL injection issue exists in SeaCMS. The issue is located in the admin video.php file, specifically through manipulation of the e id argument within an unknown function. This allows for remote...
CVE-2025-12614
A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function deletepayment of the file /adminclass.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been made...
EUVD-2025-28847
Malicious code in bioql PyPI...
PT-2025-30975 · Campcodes · Best Courier Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Courier Management System version 1.0 Description: A critical issue exists in Campcodes Courier Management System version 1.0. The vulnerability is a SQL injection that affects an unknown part of the file /edit staff.php. The...
PT-2025-30188 · Unknown · Pmticket Project-Management-Software
Name of the Vulnerable Software and Affected Versions: pmTicket Project-Management-Software versions prior to 2ef379da2075f4761a2c9029cf91d073474e7486 Description: A critical issue exists in pmTicket Project-Management-Software. The getUserLanguage function within the classes/class.database.php...
PT-2025-29312 · Unknown · Modern Bag
Name of the Vulnerable Software and Affected Versions: Modern Bag version 1.0 Description: A critical vulnerability exists in an unknown part of the file /product-detail.php. The manipulation of the ID argument leads to SQL injection. This issue is potentially exploitable remotely, and the exploi...
PT-2025-29284 · Unknown · Mobile Shop
Name of the Vulnerable Software and Affected Versions: Mobile Shop version 1.0 Description: A critical vulnerability exists in the file /EditMobile.php. The manipulation of the ID argument leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public...
PT-2025-27530 · Unknown · Campcodes Employee Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Employee Management System version 1.0 Description: A critical vulnerability has been found in the Campcodes Employee Management System, affecting an unknown functionality of the file /applyleave.php. The manipulation of the ID...
PT-2025-27490 · Unknown · Code-Projects Simple Pizza Ordering System
Name of the Vulnerable Software and Affected Versions: code-projects Simple Pizza Ordering System version 1.0 Description: A critical issue was found in the code-projects Simple Pizza Ordering System. The manipulation of the ID argument leads to SQL injection in the /large.php file. This issue ca...
PT-2025-26788 · Unknown · Simple Online Hotel Reservation System
Name of the Vulnerable Software and Affected Versions: Simple Online Hotel Reservation System version 1.0 Description: A critical issue was found in the Simple Online Hotel Reservation System. The problem affects the file /admin/delete account.php, where the manipulation of the admin id argument...
PT-2025-25618
Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0 Description: A critical issue has been found in the software, affecting the processing of the file /user customer create order.php. The manipulation of the user id argument leads to S...
PT-2025-18963 · Unknown · Phpgurukul E-Diary Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul e-Diary Management System version 1.0 Description: A critical vulnerability was found in the PHPGurukul e-Diary Management System, affecting some unknown functionality of the file /manage-categories.php. The manipulation of the ID...
PT-2025-16184 · Unknown · Tutorials-Website Employee Management System
Name of the Vulnerable Software and Affected Versions: Tutorials-Website Employee Management System version 1.0 Description: A vulnerability was found in the Tutorials-Website Employee Management System, affecting an unknown part of the file /admin/update-user.php. The manipulation of the ID...
PT-2025-15109 · Unknown · Codeprojects Online Restaurant Management System
Name of the Vulnerable Software and Affected Versions: codeprojects Online Restaurant Management System version 1.0 Description: A critical vulnerability was found in the codeprojects Online Restaurant Management System. The vulnerability affects an unknown functionality of the file /admin/user...
PT-2025-2062 · Unknown · Kurniaramadhan E-Commerce-Php
Name of the Vulnerable Software and Affected Versions: kurniaramadhan E-Commerce-PHP version 1.0 Description: A critical issue affects an unknown functionality of the file /blog-details.php. The manipulation of the blog id argument leads to SQL injection. The attack can be launched remotely. The...