EUVD-2019-20128

ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collectionedit.php. Attackers can submit POST requests with crafted SQL payloads in the keywords field to...

CVE-2019-25693

ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collectionedit.php. Attackers can submit POST requests with crafted SQL payloads in the keywords field to...

CVE-2019-25693

CVE-2019-25693 – ResourceSpace 8.6 SQL injection : An authenticated attacker can inject malicious SQL via the keywords parameter in collection_edit.php (also noted as collection edit.php in some sources), enabling execution of arbitrary queries and extraction of sensitive data such as schema info...

CVE-2019-25693 ResourceSpace 8.6 SQL Injection via collection_edit.php

ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collectionedit.php. Attackers can submit POST requests with crafted SQL payloads in the keywords field to...

CVE-2019-25693 ResourceSpace 8.6 SQL Injection via collection_edit.php

ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collectionedit.php. Attackers can submit POST requests with crafted SQL payloads in the keywords field to...

PT-2026-32161

ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collection edit.php. Attackers can submit POST requests with crafted SQL payloads in the keywords field to...

📄 ahu.mlsp.government.bg Cross Site Scripting

ahu.mlsp.government.bg suffers from a cross site scripting issue. The researcher has waited over a year after reporting this to make public, so hopefully this will encourage them to fix it. Titles: ahu.mlsp.government.bg-XSS-Reflected-CRITICAL Cross-site scripting reflected Author: nu11secur1ty...

CVE-2021-31280

An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the keywords parameter...

CVE-2025-12938

A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /processlogin.php. The manipulation of the argument keywords leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

CVE-2025-12938 projectworlds Online Admission System process_login.php sql injection

A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /processlogin.php. The manipulation of the argument keywords leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

PT-2025-46140

Name of the Vulnerable Software and Affected Versions projectworlds Online Admission System version 1.0 Description A security issue exists in projectworlds Online Admission System version 1.0. The issue involves a SQL injection that can be triggered remotely through manipulation of the keywords...

Projectworlds Online Admission System SQL注入漏洞

Projectworlds Online Admission System is an online admission system from Projectworlds India. Projectworlds Online Admission System version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter keywords in the file /processlogin.php, which could le...

CVE-2025-12237

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /index.php. Such manipulation of the argument keywords leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be us...

CVE-2025-12215

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

PT-2025-43969

Name of the Vulnerable Software and Affected Versions Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System version 1.0 Description A cross site scripting issue exists in Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System...

Projectworlds Advanced Library Management System SQL注入漏洞

Projectworlds Advanced Library Management System is an advanced library management system from Projectworlds India. A SQL injection vulnerability exists in version 1.0 of projectworlds Advanced Library Management System, which stems from incorrect manipulation of the parameter keywords in the fil...

PT-2025-43875

Name of the Vulnerable Software and Affected Versions projectworlds Online Shopping System version 1.0 Description A flaw has been identified in projectworlds Online Shopping System 1.0. The issue involves a potential SQL injection affecting an unknown function within the /login submit.php file...

PT-2025-43893

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System that allows for remote code execution through SQL injection. Manipulation of the keywords argument withi...

EUVD-2018-13126

Malware in sbrugna...

EUVD-2018-7749

Malware in sbrugna...