CVE-2026-10620

A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

EUVD-2026-33859

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been published and may be us...

CVE-2019-25582

i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to download sensitive files by manipulating the file parameter in index.php. Attackers can send GET requests to index.php with filemanager=image and supply arbitrary file paths like...

PT-2026-26930

i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to download sensitive files by manipulating the file parameter in index.php. Attackers can send GET requests to index.php with file manager=image and supply arbitrary file paths like...

EUVD-2006-3167

Malware in sbrugna...

CVE-2020-35388

rainrocka xinhu 2.1.9 allows remote attackers to obtain sensitive information via an index.php?a=gettotal request in which the ajaxbool value is manipulated to be true...