CVE-2012-0996

Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. dot dot in the class parameter to 1 index.php or 2 admin/index.php...

CVE-2011-5115

Cross-site scripting XSS vulnerability in DLGuard, possibly 4.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the searchCart parameter to index.php...

CVE-2025-3883

eCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this...

CVE-2025-3883 eCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution Vulnerability

eCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this...

CVE-2014-125045

A vulnerability has been found in meol1 and classified as critical. Affected by this vulnerability is the function GetAnimal of the file opdracht4/index.php. The manipulation of the argument where leads to sql injection. The identifier of the patch is 82441e413f87920d1e8f866e8ef9d7f353a7c583. It ...

CVE-2005-3854

Cross-site scripting XSS vulnerability in index.php in EasyPageCMS allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

eCharge Hardy Barth cPH2 操作系统命令注入漏洞

eCharge Hardy Barth cPH2 is an electric vehicle charging station from eCharge. The eCharge Hardy Barth cPH2 suffers from an operating system command injection vulnerability that stems from the GET parameter in the index.php endpoint not being properly validated, which could lead to remote code...

CVE-2009-0805

Cross-site scripting XSS vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remote attackers to inject arbitrary web script or HTML via the eventid parameter in index.php...

CVE-2007-3968

index.php in dirLIST before 0.1.1 allows remote attackers to list the contents of an excluded folder via a modified URL containing the folder name...

CVE-2009-3184

Multiple SQL injection vulnerabilities in index.php in Pirates of The Caribbean in the E-Gold Game Series allow remote attackers to execute arbitrary SQL commands via the 1 x and 2 y parameters...

CVE-2005-4645

SQL injection vulnerability in index.php in 3CFR allows remote attackers to execute arbitrary SQL commands via the LangueID parameter...

CVE-2008-0540

Multiple cross-site scripting XSS vulnerabilities in trixbox 2.4.2.0 allow remote attackers to inject arbitrary web script or HTML via the query string to index.php in 1 user/ or 2 maint/...

CVE-2009-0764

Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2007-1965

Multiple cross-site scripting XSS vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the setlang parameter to 1 archive.php, 2 article.php, 3 index.php, or 4 topics.php...

SourceCodester Online College Library System 注入漏洞

SourceCodester Online College Library System is SourceCodester open source an online college library system. SourceCodester Online College Library System version 1.0 has an injection vulnerability, the vulnerability stems from the wrong operation of the parameter Category in the file /index.php...

CVE-2025-4329

A vulnerability was found in 74CMS up to 3.33.0. It has been rated as problematic. Affected by this issue is the function index of the file /index.php/index/download/index. The manipulation of the argument url leads to path traversal. The attack may be launched remotely. The exploit has been...

CVE-2025-4314 SourceCodester Advanced Web Store index.php sql injection

A vulnerability has been found in SourceCodester Advanced Web Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument txtLogin leads to sql injection. The attack can be launched remotely. The...

CVE-2025-4250 code-projects Nero Social Networking Site index.php sql injection

A vulnerability was found in code-projects Nero Social Networking Site 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument fname/lname/login/password2/cpassword/address/cnumber/email/gender/propic/month leads to sql...

PT-2025-17685 · Echarge · Echarge

Name of the Vulnerable Software and Affected Versions: eCharge Hardy Barth cPH2 affected versions not specified Description: The issue is related to a command injection remote code execution problem. It affects the index.php file. Recommendations: At the moment, there is no information about a...

PT-2025-37378

Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.30 Description Chamilo is a learning management system. A blind Server-Side Request Forgery SSRF condition exists due to insufficient validation of incoming requests used in the operating system command. Successf...