CVE-2026-5003

A vulnerability was found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. This affects the function handleindex of the file ragsystem/apiserver.py of the component Web Interface. Performing a manipulation results in information disclosure. It is possible to initiate the...

PT-2026-21428

Name of the Vulnerable Software and Affected Versions SapneshNaik Student Management System affected versions not specified Description A flaw exists in SapneshNaik Student Management System that allows for cross site scripting. The issue is related to the manipulation of the Error argument withi...

PT-2025-53844

Name of the Vulnerable Software and Affected Versions SohuTV CacheCloud versions up to 3.2.0 Description A security issue exists in SohuTV CacheCloud. The index function within the file src/main/java/com/sohu/cache/web/controller/AppDataMigrateController.java is susceptible to cross-site scriptin...

CVE-2025-15171 SohuTV CacheCloud ServerController.java index cross site scripting

A vulnerability was identified in SohuTV CacheCloud up to 3.2.0. This affects the function index of the file src/main/java/com/sohu/cache/web/controller/ServerController.java. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly...

CVE-2025-15171

The CVE-2025-15171 entry concerns SohuTV CacheCloud up to version 3.2.0, where the vulnerability is in the index function of src/main/java/com/sohu/cache/web/controller/ServerController.java. The root cause is described as a manipulation of the function index that leads to cross-site scripting, w...

EUVD-2020-10373

Malware in sbrugna...

EUVD-2022-52906

Malicious code in bioql PyPI...

CVE-2025-5327 chshcms mccms Gf.php index server-side request forgery

A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of the file sys/apps/controllers/api/Gf.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit h...

CVE-2020-18449

Cross Site Scripting XSS vulnerability exists in UKCMS v1.1.10 via data in the index function in Single.php...

CVE-2025-4329 74CMS index path traversal

A vulnerability was found in 74CMS up to 3.33.0. It has been rated as problematic. Affected by this issue is the function index of the file /index.php/index/download/index. The manipulation of the argument url leads to path traversal. The attack may be launched remotely. The exploit has been...

CVE-2025-4329 74CMS index path traversal

A vulnerability was found in 74CMS up to 3.33.0. It has been rated as problematic. Affected by this issue is the function index of the file /index.php/index/download/index. The manipulation of the argument url leads to path traversal. The attack may be launched remotely. The exploit has been...

PT-2025-19925 · 74Cms · 74Cms

Name of the Vulnerable Software and Affected Versions: 74CMS versions up to 3.33.0 Description: A vulnerability was found in the function index of the file /index.php/index/download/index. The manipulation of the argument url leads to path traversal. The attack may be launched remotely. The explo...

Code-Projects Human Resource Management System 安全漏洞

Code-Projects Human Resource Management System is an open source human resource management system from Code-Projects. A security vulnerability exists in Code-Projects Human Resource Management System version 1.0.1, which stems from an improperly authorized Index function in the handlerAccount.go...

Deserialization of Untrusted Data

Overview topthink/think is a the new thinkphp framework. Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the Index function. Details Serialization is a process of converting an object into a sequence of bytes which can be persisted to a disk or databa...

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the selectFields parameter in the index function in Auth.php. Remediation There is no fixed version for funadmin/funadmin. References - GitHub Issue - Vulnerable Code...

PT-2024-15600 · Taokeyun · Taokeyun

Name of the Vulnerable Software and Affected Versions: Taokeyun versions up to 1.0.5 Description: A critical issue was found in the HTTP POST Request Handler component, specifically affecting the function index of the file application/index/controller/app/Task.php. The manipulation of the cid...

SUSE CVE-2007-6600

PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for 1 VACUUM and 2 ANALYZE operations within index functions, and supports 3 SET ROLE and 4 SET SESSION AUTHORIZATION within inde...

SUSE CVE-2019-14535

A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file...

SUSE CVE-2021-20224

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to GetPixelIndex could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead t...

TuziCMS SQL注入漏洞

TuziCMS Rabbit CMS is a PHP and MySQL based enterprise website content management system CMS. A SQL injection vulnerability exists in TuziCMS version 2.0.6, which stems from a problem with the function index of the file appmanage controllerarticlecontroller.class.php in the component article...