EUVD-2025-13256

Malicious code in bioql PyPI...

CVE-2025-4075 VMSMan login.php cross site scripting

A vulnerability was found in VMSMan up to 20250416. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Email with the input "alert1 leads to cross site scripting. The attack may be launched remotely. The...

CVE-2024-12964

A vulnerability was found in 1000 Projects Daily College Class Work Report Book 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The exploit h...

WebCalendar 0.9.45 (includedir) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications =================================================================== WebCalendar 0.9.45 includedir Remote File Inclusion Vulnerability ===================================================================...

SudBox Boutique 1.2 - login.php Authentication Bypass

SudBox Boutique 1.2 - login.php Authentication Bypass source: https://www.securityfocus.com/bid/7651/info A vulnerability has been reported for SudBox Boutique. The problem occurs due to insufficient initialization of variables and may allow an unauthorized user to gain authenticate. Specifically...

phpAuction 12 - Unauthorized Administrative Access

phpAuction 12 - Unauthorized Administrative Access source: https://www.securityfocus.com/bid/5141/info PhpAuction is a freely available web-based auction system. It is written using PHP scripting language on a MySQL database engine. A flaw in /admin/login.php has been reported in PHPAuction, whic...