CVE-2022-1191

SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96...

CVE-2024-5774

A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack c...

CVE-2024-6112

A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument logemail leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2024-6190

A vulnerability was found in itsourcecode Farm Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...

CVE-2024-57052

An issue in youdiancms v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter in the index.php file...

CVE-2024-57052

Summary (CVE-2024-57052) YouDianCMS (v9.5.20 and earlier) is affected by a privilege-escalation issue via the sessionID parameter in index.php. Root cause involves improper session handling that can allow remote attackers to gain higher privileges. A patch/version with fix not publicly documented...

ZZCMS 注入漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. An injection vulnerability exists in ZZCMS, which originates from an SQL injection vulnerability contained in the id parameter of the /index.php page...

Vysual RH 安全漏洞

Vysual RH is an HR and time management solution from Vysual. A security vulnerability exists in Vysual RH version 2024.12.1, which stems from the parameter page in the file /index.php can lead to cross-site scripting...

PT-2025-3398 · Unknown · Youdiancms

Name of the Vulnerable Software and Affected Versions: YouDianCMS versions 9.5.20 and earlier Description: The issue allows a remote attacker to escalate privileges via the sessionID parameter in the "index.php" file. This is related to incorrect session management, which can lead to privilege...

CVE-2024-13074 PHPGurukul Land Record System index.php cross site scripting

A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-13074

CVE-2024-13074 concerns PHPGurukul Land Record System 1.0. The vulnerability affects an unknown part of the file /index.php, where manipulation of the searchdata argument leads to cross-site scripting (XSS). The issue can be triggered remotely and exploits have been disclosed publicly. Multiple c...

PHPGurukul Land Record System 安全漏洞

PHPGurukul Land Record System is a land management system from PHPGurukul. A security vulnerability exists in PHPGurukul Land Record System version 1.0, which stems from the parameter searchdata in the file /index.php that leads to cross-site scripting...

CVE-2024-13038

CVE-2024-13038 affects CodeAstro Simple Loan Management System v1.0, specifically the Login module’s /index.php. The vulnerability arises from manipulating the email parameter, causing SQL injection. It is exploitable remotely, and public exploits are disclosed. Multiple sources corroborate the i...

PT-2024-17861 · Unknown · Phpgurukul Small Crm

Name of the Vulnerable Software and Affected Versions: PHPGurukul Small CRM version 1.0 Description: A critical issue has been found in the software, affecting an unknown function of the file /admin/index.php. The manipulation of the email argument leads to SQL injection. It is possible to launch...

Code-Projects Online Car Rental System 代码注入漏洞

Code-Projects Online Car Rental System is an open source car rental system from Code-Projects. A code injection vulnerability exists in Code-Projects Online Car Rental System version 1.0, which originates from a cross-site scripting vulnerability contained in multiple parameters of the /index.php...

CVE-2024-12357 SourceCodester Best House Rental Management System index.php file inclusion

A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The...

SourceCodester Best House Rental Management System 安全漏洞

SourceCodester Best House Rental Management System is a SourceCodester open source house rental management system. A security vulnerability exists in SourceCodester Best House Rental Management System version 1.0, which originates from a file inclusion issue in the page parameter of the /index.ph...

CVE-2024-12232 code-projects Simple CRUD Functionality index.php cross site scripting

A vulnerability has been found in code-projects Simple CRUD Functionality 1.0 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument newtitle/newdescr leads to cross site scripting. The attack can be initiated remotely. The...

CVE-2024-11966 PHPGurukul Complaint Management system index.php sql injection

A vulnerability was found in PHPGurukul Complaint Management system 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2024-11817 PHPGurukul User Registration & Login and User Management System index.php sql injection

A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be...