CVE-2019-16664

An issue was discovered in ThinkSAAS 2.91. There is XSS via the index.php?app=group∾=create=do groupname parameter...

CVE-2025-13241

The CVE concerns code-projects Student Information System 2.0, where the vulnerability resides in the /index.php file. The Username parameter can be manipulated to achieve SQL injection, allowing remote execution. The issue is supported by multiple sources (NVD, Red Hat, CNVD, CNNVD, EUVD, VulnDB...

PT-2025-43893

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System that allows for remote code execution through SQL injection. Manipulation of the keywords argument withi...

EUVD-2021-25767

Malware in sbrugna...

EUVD-2020-10073

Malware in sbrugna...

CVE-2025-6082

The Birth Chart Compatibility plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0. This is due to insufficient protection against directly accessing the plugin's index.php file, which causes an error exposing the full path. This makes it possible f...

PT-2025-22952 · Unknown · Campcodes Advanced Online Voting System

Name of the Vulnerable Software and Affected Versions: Campcodes Advanced Online Voting System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file /index.php. The manipulation of the voter argument leads to SQL injection. It is possible to...

CVE-2024-33409

SQL injection vulnerability in index.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the name parameter...

CVE-2023-3056

A vulnerability was found in YFCMF up to 3.0.4. It has been declared as problematic. This vulnerability affects unknown code of the file index.php. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

Easy!Appointments Improper Restriction of Excessive Authentication Attempts

An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file...

Easy!Appointments Improper Restriction of Excessive Authentication Attempts

An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file...

CVE-2024-57602

An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file...

CVE-2024-57602

CVE-2024-57602 concerns EasyAppointments v1.5.0. Multiple connected sources confirm a vulnerability in the application where a missing permission validation in the file index.php enables a remote attacker to escalate privileges. The issue is described as unauthenticated, network-based, with HIGH ...

CVE-2024-57052

Summary (CVE-2024-57052) YouDianCMS (v9.5.20 and earlier) is affected by a privilege-escalation issue via the sessionID parameter in index.php. Root cause involves improper session handling that can allow remote attackers to gain higher privileges. A patch/version with fix not publicly documented...

CVE-2024-12357 SourceCodester Best House Rental Management System index.php file inclusion

A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The...

CVE-2024-6190

A vulnerability was found in itsourcecode Farm Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...

CVE-2023-7156

A vulnerability has been found in Campcodes Online College Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file index.php of the component Search. The manipulation of the argument category leads to sql injection. The attack can be initiated remotely...

CVE-2023-6618 SourceCodester Simple Student Attendance System index.php file inclusion

A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The exploit has been disclosed to...

CVE-2023-1043 MuYuCMS index.php path traversal

A vulnerability was found in MuYuCMS 2.2. It has been classified as problematic. Affected is an unknown function of the file /editor/index.php. The manipulation of the argument dirpath leads to relative path traversal. It is possible to launch the attack remotely. The exploit has been disclosed t...

PT-2022-26894 · Unknown · Csliuwy Coder-Chain Gdut

Name of the Vulnerable Software and Affected Versions: csliuwy coder-chain gdut affected versions not specified Description: A vulnerability has been found in csliuwy coder-chain gdut, classified as problematic. It affects an unknown functionality of the file "/back/index.php/user/User/?1". The...