EUVD-2026-34059

A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.php. The manipulation of the argument page results in file inclusion. The attack can be launched remotely. The exploit is now public and may be used...

MiniGal Nano 跨站脚本漏洞

MiniGal Nano is a PHP album program developed by Rybber’s individual developer. Versions of MiniGal Nano prior to 0.3.5 contained a cross-site scripting vulnerability. This vulnerability stemmed from the dir parameter in the index.php file, which allowed for reflective cross-site scripting,...

Xinhu RockOA 安全漏洞

Xinhu RockOA is an office OA system of China Xinhu Company. A security vulnerability exists in Xinhu RockOA version 2.7.0, which originates from the incorrect operation of the parameter a in the file index.php, which may lead to the disclosure of sensitive information...

EUVD-2013-7225

Malware in sbrugna...

EUVD-2018-9578

Malware in sbrugna...

EUVD-2018-8196

Malware in sbrugna...

EUVD-2017-7404

Malware in sbrugna...

EUVD-2019-17753

Malware in sbrugna...

EUVD-2012-6500

Malware in sbrugna...

EUVD-2022-5863

Malicious code in bioql PyPI...

CVE-2025-53820 WeGIA vulnerable to Cross-Site Scripting (XSS) Reflected via endpoint 'index.php' parameter 'erro'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the index.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject...

CVE-2018-15130

ThinkSAAS through 2018-07-25 has XSS via the index.php?app=group∾=create=do groupdesc parameter...

eCharge Hardy Barth cPH2 操作系统命令注入漏洞

eCharge Hardy Barth cPH2 is an electric vehicle charging station from eCharge. The eCharge Hardy Barth cPH2 suffers from an operating system command injection vulnerability that stems from the GET parameter in the index.php endpoint not being properly validated, which could lead to remote code...

SourceCodester Best House Rental Management System 安全漏洞

SourceCodester Best House Rental Management System is a SourceCodester open source house rental management system. A security vulnerability exists in SourceCodester Best House Rental Management System version 1.0, which originates from a file inclusion issue in the page parameter of the /index.ph...

PT-2024-38995 · Bioshox · Raspcontrol

Name of the Vulnerable Software and Affected Versions: Raspcontrol version 1.0 Description: A Cross Site Scripting XSS issue exists through the action parameter in index.php. This allows an attacker to send a specially crafted JavaScript payload to an authenticated user, potentially hijacking the...

Budget Management SQL注入漏洞

SourceCodester Budget Management System is an application from SourceCodester, Inc. It provides a function to calculate exact expenses through a web application. A SQL injection vulnerability exists in Budget Management version 1.0, which stems from the parameter edit in the file /index.php that...

CVE-2023-44276

OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard...

CVE-2023-40751

PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting XSS via the "action" parameter of index.php...

CVE-2023-4191

A vulnerability, which was classified as critical, has been found in SourceCodester Resort Reservation System 1.0. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The...

PT-2023-7429 · Unknown · Osprey Pump Controller

Name of the Vulnerable Software and Affected Versions: Osprey Pump Controller version 1.01 Description: The issue is related to an unauthenticated OS command injection vulnerability. This vulnerability can be exploited to inject and execute arbitrary shell commands through a HTTP POST parameter...