CVE-2025-10710

A flaw has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This affects an unknown part of the file /index.php. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. Thi...

CVE-2025-10710

CVE-2025-10710 affects 07FLYCMS, 07FLY-CMS, and 07FlyCRM up to 20250831. The flaw is an XSS in an unknown portion of /index.php caused by manipulation of the Name argument. It can be exploited remotely; exploit appears published. Affected products exist under multiple names; vendor did not respon...

CVE-2025-10596

A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument usn results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-10482

A vulnerability was detected in SourceCodester Online Student File Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be use...

PT-2025-37769

Name of the Vulnerable Software and Affected Versions PHPGurukul Online-Library-Management-System version 3.0 Description An issue allows an attacker to escalate privileges via the index.php file. Recommendations At the moment, there is no information about a newer version that contains a fix for...

PHPGurukul Online Library Management System 安全漏洞

Online Library Management System is an online library management system. An elevation of privilege vulnerability exists in Online Library Management System, which stems from a mismanagement of privileges in index.php and can be exploited by an attacker to cause an elevation of privilege...

itsourcecode Student Information Management System 安全漏洞

itsourcecode Student Information Management System is an itsourcecode open source student information management system. A security vulnerability exists in itsourcecode Student Information Management System version 1.0, which is caused by a SQL injection due to incorrect manipulation of the...

Code-Projects Online Event Judging System SQL注入漏洞

Online Event Judging System is an online event judging system. The Online Event Judging System suffers from a SQL injection vulnerability that originates from the /index.php file not securely filtering the Username parameter. An attacker can exploit this vulnerability by constructing a malicious...

CVE-2025-10032 Campcodes Grocery Sales and Inventory System index.php cross site scripting

A vulnerability was detected in Campcodes Grocery Sales and Inventory System 1.0. The affected element is an unknown function of the file /index.php. The manipulation of the argument page results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be us...

PT-2025-35804

Name of the Vulnerable Software and Affected Versions: Campcodes Sales and Inventory System version 1.0 Description: A security issue exists in Campcodes Sales and Inventory System 1.0. Manipulation of the page argument in the /index.php file can lead to cross-site scripting. This attack can be...

Campcodes Sales and Inventory System 安全漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. A security vulnerability exists in Campcodes Sales and Inventory System version 1.0, which results from a cross-site scripting attack due to an incorrect manipulation of the parameter page in the file...

CVE-2025-9839

A security flaw has been discovered in itsourcecode Student Information Management System 1.0. The affected element is an unknown function of the file /admin/modules/course/index.php. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possibl...

CVE-2025-9837 itsourcecode Student Information Management System index.php sql injection

A vulnerability was determined in itsourcecode Student Information Management System 1.0. This issue affects some unknown processing of the file /admin/modules/student/index.php. This manipulation of the argument studentId causes sql injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-9837

CVE-2025-9837 affects itsourcecode Student Information Management System 1.0. The vulnerability arises from SQL injection in the file /admin/modules/student/index.php via the studentId parameter. Attacks can be initiated remotely, and the exploit has been publicly disclosed. For mitigation, sever...

CVE-2025-9755 Khanakag-17 Library Management System index.php cross site scripting

A vulnerability has been found in Khanakag-17 Library Management System up to 60ed174506094dcd166e34904a54288e5d10ff24. This affects an unknown function of the file /index.php. The manipulation of the argument msg leads to cross site scripting. Remote exploitation of the attack is possible. The...

PT-2025-35436

Name of the Vulnerable Software and Affected Versions: Khanakag-17 Library Management System affected versions not specified Description: A cross-site scripting issue exists in Khanakag-17 Library Management System. The vulnerability is related to the manipulation of the msg argument of the...

CVE-2025-9602

A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

CVE-2025-50972

SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute arbitrary SQL commands via the tmplid parameter to index.php. Three techniques have been demonstrated: error-based injection using a crafted FLOOR-based payload, time-based blind injection via SLEEP, and...

FoxCMS 安全漏洞

FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS version 1.2.6, which originates from improper handling of /index.php/plus, and could lead to a reflective cross-site scripting attack...

CVE-2025-50971

Directory traversal vulnerability in AbanteCart version 1.4.2 allows unauthenticated attackers to gain access to sensitive system files via the template parameter to index.php...