Lucene search
K

15 matches found

CVE
CVE
added 2026/03/26 11:39 a.m.8 views

CVE-2018-25195

CVE-2018-25195 describes an SQL injection vulnerability in Wecodex Hotel CMS 1.0, specifically in the admin login functionality. The issue allows unauthenticated attackers to bypass authentication by injecting SQL code via the username parameter in POST requests to index.php?action=processlogin, ...

9.8CVSS5.9AI score0.0052EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/08/27 12:0 a.m.7 views

CVE-2025-50972

SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute arbitrary SQL commands via the tmplid parameter to index.php. Three techniques have been demonstrated: error-based injection using a crafted FLOOR-based payload, time-based blind injection via SLEEP, and...

0.00421EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/08/25 12:0 a.m.2 views

PHPGurukul Hospital Management System 安全漏洞

Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the username parameter of index.php. No details of the vulnerability a...

9.8CVSS8AI score0.0033EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/21 12:0 a.m.3 views

CVE-2025-55420

A Reflected Cross Site Scripting XSS vulnerability was found in /index.php in FoxCMS v1.2.6. When a crafted script is sent via a GET request, it is reflected unsanitized into the HTML response. This permits execution of arbitrary JavaScript code when a logged-in user submits the malicious input...

6.1AI score0.0046EPSS
Exploits1References1
CVE
CVE
added 2025/08/19 4:32 p.m.18 views

CVE-2025-9147

CVE-2025-9147 affects the jasonclark getsemantic package up to version 040c96eb8cf9947488bd01b8de99b607b0519f7d. The vulnerability is a cross-site scripting flaw in an unknown function triggered by manipulating the view argument in /index.php. Remote exploitation is possible, and an exploit has b...

6.1CVSS6.2AI score0.00333EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/06/16 9:15 a.m.5 views

CVE-2025-40729

Reflected Cross-Site Scripting XSS in /customersupport/index.php in Customer Support System v1.0, which allows remote attackers to execute arbitrary code via the page parameter...

6.1CVSS6.2AI score0.00317EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.2 views

Job Recruitment 安全漏洞

Job Recruitment by code-projects is a job portal project developed using PHP, CSS, JavaScript, and MySQL technologies. A security vulnerability exists in Job Recruitment version 1.0, which originates from a SQL injection vulnerability in the email parameter of the /index.php page...

9.8CVSS7.8AI score0.0062EPSS
Exploits1References1
OSV
OSV
added 2024/02/29 1:43 a.m.3 views

CVE-2024-1970

A vulnerability, which was classified as problematic, was found in SourceCodester Online Learning System V2 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit h...

6.1CVSS3.8AI score0.00714EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/10/14 12:0 a.m.3 views

SourceCodester Library System SQL Injection Vulnerability

Library System is a library management system by nurhodelta17 individual developer. SourceCodester Library System version 1.0 suffers from a SQL injection vulnerability that stems from the parameter category in the file index.php that causes sql injection...

9.8CVSS8.4AI score0.00649EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2023/08/28 1:15 p.m.4 views

CVE-2023-40753

There is a Cross Site Scripting XSS vulnerability in the message parameter of index.php in PHPJabbers Ticket Support Script v3.2...

5.4CVSS6AI score0.01053EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.13 views

PT-2023-27785 · Phpjabbers · Phpjabbers Availability Booking Calendar

Name of the Vulnerable Software and Affected Versions: PHP Jabbers Availability Booking Calendar version 5.0 Description: A vulnerability has been found in the software, classified as problematic. It affects an unknown functionality of the file /index.php. The manipulation of the session id...

6.1CVSS6.9AI score0.01766EPSS
Exploits2References6
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.5 views

Night Club Booking Software Cross-Site Scripting Vulnerability

Night Club Booking Software is a PHP Jabbers open source night club booking software. PHP Jabbers Night Club Booking Software version 1.0 suffers from a cross-site scripting vulnerability that stems from the parameter index in the file /index.php can lead to cross-site scripting...

6.1CVSS5.9AI score0.05109EPSS
Exploits3References5
OSV
OSV
added 2023/07/10 4:15 p.m.2 views

CVE-2023-3562

A vulnerability has been found in GZ Scripts PHP CRM Platform 1.8 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack can be initiated remotely. The identifier of this...

6.1CVSS3.9AI score0.00442EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/13 12:0 a.m.4 views

CVE-2023-24648

Zstore v6.6.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /index.php...

6.1AI score0.00473EPSS
Exploits1References1
CNVD
CNVD
added 2018/08/27 12:0 a.m.2 views

REDAXO CMS Cross-Site Request Forgery Vulnerability

REDAXO CMS is an open source content management system CMS. The system supports custom modules , plug-in extensions , project backup and so on. A cross-site request forgery vulnerability exists in REDAXO CMS version 4.7.2. A remote attacker can add an administrator account with the help of...

8.8CVSS8.9AI score0.00617EPSS
Exploits0References1
Rows per page
Query Builder