
7210 matches found

CNVD
added 2025/03/27 12:0 a.m. | 3 views

Vehicle Record Management System index.php File SQL Injection Vulnerability

Vehicle Record Management System is a vehicle record management system. Vehicle Record Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the searchinputdata parameter of index.php. An attacker can exploit this...

CVSS 7.3 | AI score 8.2 | EPSS 0.00245
Exploits: 1 | References: 1
Cvelist
added 2025/03/17 11:31 p.m. | 21 views

CVE-2025-2472 PHPGurukul Apartment Visitors Management System Sign In index.php sql injection

A vulnerability has been found in PHPGurukul Apartment Visitors Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Sign In. The manipulation of the argument username leads to sql injection. The attac...

CVSS 7.5 | EPSS 0.00487
Exploits: 1 | References: 5
RedhatCVE
added 2025/03/15 8:12 a.m. | 7 views

CVE-2024-55060

A cross-site scripting (XSS) vulnerability in the component index.php of Rafed CMS Website v1.44 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 6.1 | AI score 5.7 | EPSS 0.00515
Exploits: 2 | References: 1
CVE
added 2025/03/13 12:0 a.m. | 46 views

CVE-2024-55060

CVE-2024-55060 affects Rafed CMS Website v1.44, with a cross-site scripting (XSS) vulnerability in the component index.php that allows an attacker to execute arbitrary web scripts/HTML via a crafted payload. The CVE entry documents a network-vector, low-privilege, user-interaction-required vulner...

CVSS 6.1 | AI score 5.6 | EPSS 0.00515
Exploits: 2 | References: 2 | Affected Software: 1
Cvelist
added 2025/03/04 9:31 p.m. | 32 views

CVE-2025-1956 code-projects Shopping Portal Login index.php sql injection

A vulnerability classified as critical has been found in code-projects Shopping Portal 1.0. This affects an unknown part of the file /Shopping/Admin/index.php of the component Login. The manipulation of the argument password leads to sql injection. It is possible to initiate the attack remotely...

CVSS 7.5 | EPSS 0.00554
Exploits: 1 | References: 5
CNVD
added 2025/02/28 12:0 a.m. | 6 views

GLPI Input Validation Error Vulnerability

GLPI is an open source IT and asset management software from GLPI Open Source. The software provides a full-featured IT resource management interface, you can use it to create a database to fully manage IT computers, monitors, servers, printers, network devices, telephones, and even toner...

CVSS 6.1 | AI score 6.9 | EPSS 0.00473
Exploits: 1 | References: 1
Cvelist
added 2025/02/27 5:31 p.m. | 18 views

CVE-2025-1743 zyx0814 Pichome index.php path traversal

A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0. This affects an unknown part of the file /index.php?mod=textviewer. The manipulation of the argument src leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed t...

CVSS 6.9 | EPSS 0.01547
Exploits: 0 | References: 4
OSV
added 2025/02/25 4:15 p.m. | 0 views

UBUNTU-CVE-2024-11955

A vulnerability was found in GLPI up to 10.0.17. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument redirect leads to open redirect. The attack can be launched remotely. The exploit has been...

CVSS 6.1 | AI score 4.8 | EPSS 0.00473
Exploits: 1 | References: 7
Cvelist
added 2025/02/25 3:7 p.m. | 15 views

CVE-2024-11955 GLPI index.php redirect

A vulnerability was found in GLPI up to 10.0.17. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument redirect leads to open redirect. The attack can be launched remotely. The exploit has been...

CVSS 5.3 | EPSS 0.00473
Exploits: 1 | References: 5
Vulnrichment
added 2025/02/25 3:7 p.m. | 10 views

CVE-2024-11955 GLPI index.php redirect

A vulnerability was found in GLPI up to 10.0.17. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument redirect leads to open redirect. The attack can be launched remotely. The exploit has been...

CVSS 5.3 | AI score 4.7 | EPSS 0.00473
Exploits: 1 | References: 5
RedhatCVE
added 2025/02/22 12:37 a.m. | 22 views

CVE-2023-51338

PHPJabbers Meeting Room Booking System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "title, name" parameters of index.php page...

CVSS 5.4 | AI score 5.6 | EPSS 0.00258
Exploits: 1 | References: 4
Cvelist
added 2025/02/20 12:0 a.m. | 26 views

CVE-2023-51338

PHPJabbers Meeting Room Booking System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "title, name" parameters of index.php page...

EPSS 0.00258
Exploits: 1 | References: 2
CVE
added 2025/02/14 12:0 a.m. | 78 views

CVE-2025-25991

CVE-2025-25991 affects HooskCMS v1.7.1. The vulnerability is described as an SQL Injection in the /install/index.php component, enabling a remote attacker to obtain sensitive information. According to the CVSS 3.1 data, the base score is 5.1 (Medium) with a LOCAL attack-vector, LOW complexity, no...

CVSS 5.1 | AI score 7.6 | EPSS 0.00242
Exploits: 1 | References: 1 | Affected Software: 1
Snyk
added 2025/02/13 12:33 a.m. | 8 views

Brute Force

Overview: alextselegidis/easyappointments is a powerful Open Source Appointment Scheduler that can be installed on your server. Affected versions of this package are vulnerable to Brute Force through the index.php file. Remediation: There is no fixed version for alextselegidis/easyappointments...

CVSS 9.8 | AI score 6.9 | EPSS 0.00767
Exploits: 1 | References: 2
Github Security Blog
added 2025/02/13 12:33 a.m. | 12 views

Easy!Appointments Improper Restriction of Excessive Authentication Attempts

An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file...

CVSS 9.8 | AI score 7.3 | EPSS 0.00767
Exploits: 1 | References: 3 | Affected Software: 1
GitLab Advisory Database
added 2025/02/13 12:0 a.m. | 13 views

Easy!Appointments Improper Restriction of Excessive Authentication Attempts

An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file...

CVSS 9.8 | AI score 7 | EPSS 0.00767
Exploits: 1 | References: 4 | Affected Software: 1
NVD
added 2025/02/12 10:15 p.m. | 15 views

CVE-2024-57602

An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file...

CVSS 9.8 | EPSS 0.00767
Exploits: 1 | References: 1
NVD
added 2025/02/12 6:15 p.m. | 15 views

CVE-2025-1213

A vulnerability was found in pihome-shc PiHome 1.77. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVSS 5.4 | EPSS 0.00461
Exploits: 1 | References: 4
Vulnrichment
added 2025/02/12 5:31 p.m. | 14 views

CVE-2025-1213 pihome-shc PiHome index.php cross site scripting

A vulnerability was found in pihome-shc PiHome 1.77. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVSS 5.1 | AI score 3.8 | EPSS 0.00461
Exploits: 1 | References: 4
CVE
added 2025/02/12 12:0 a.m. | 75 views

CVE-2024-57602

CVE-2024-57602 concerns EasyAppointments v1.5.0. Multiple connected sources confirm a vulnerability in the application where a missing permission validation in the file index.php enables a remote attacker to escalate privileges. The issue is described as unauthenticated, network-based, with HIGH ...

CVSS 9.8 | AI score 7.2 | EPSS 0.00767
Exploits: 1 | References: 1 | Affected Software: 1