EUVD-2026-23417

A flaw has been found in Qihui jtbc5 CMS 5.0.3.6. Affected is an unknown function of the file /dev/code/common/diplomat/manage.php of the component Code Endpoint. This manipulation of the argument path causes path traversal. The attack is possible to be carried out remotely. The exploit has been...

PT-2026-33331

Name of the Vulnerable Software and Affected Versions SourceCodester Vehicle Parking Area Management System version 1.0 Description An issue exists in the file '/parking/manage category.php' that allows for SQL Injection, a technique where malicious SQL statements are inserted into entry fields f...

EUVD-2026-21960

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/managerepair.php...

CVE-2023-27083

An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality...

CVE-2023-32502

Cross-Site Request Forgery CSRF vulnerability in Sybre Waaijer Pro Mime Types – Manage file media types plugin = 1.0.7 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Sybre Waaijer Pro Mime Types – Manage file media types plugin = 1.0.7 versions...

CVE-2023-32502

CVE-2023-32502 affects WordPress Pro Mime Types (Sybre Waaijer Pro Mime Types – Manage file media types) plugin versions 1.0.7 (i.e., 2.0.0 or newer) remediates the CSRF exposure. Patch severity is medium per Patchstack, and the CVE entry references CSRF without describing exploitable vectors bey...

CVE-2023-27083

An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality...

CVE-2023-27083

An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality...

Design/Logic Flaw

An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality...

CVE-2023-27083

An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality...

PT-2023-20941 · Pluck Cms · Pluck Cms

Name of the Vulnerable Software and Affected Versions: Pluck CMS versions 4.7.15 through 4.7.16-dev5 Description: A remote code execution issue was found in the /admin.php file of Pluck CMS, allowing attackers to execute arbitrary code through the manage file functionality. Recommendations: For...

PT-2022-27114 · Dedecmdv6 · Dedecmdv6

Name of the Vulnerable Software and Affected Versions: dedecmdv6 version 6.1.9 Description: The issue allows for Remote Code Execution RCE via the file manage control.php endpoint. Recommendations: For dedecmdv6 version 6.1.9, consider restricting access to the file manage control.php endpoint...

CVE-2022-3671

A vulnerability classified as critical was found in SourceCodester eLearning System 1.0. This vulnerability affects unknown code of the file /admin/students/manage.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed...

Unspecified vulnerability in ZZCMS user/manage.php file

ZZCMS is a content management system CMS by the ZZCMS team in China. A security vulnerability exists in the user/manage.php file in ZZCMS 8.3 and earlier versions. An attacker can exploit the vulnerability to execute code...

SynTail 1.5 Build 566 - CSRF / XSS Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Multiple vulnerabilities in SynTail 1.5 Build 566 CSRF/Stored XSS Date: 07-05-2015 Exploit Author: Marlow Tannhauser Contact: email protected Vendor Homepage: http://www.synametrics.com Software Link:...

SynTail 1.5 Build 566 - Multiple Vulnerabilities

SynTail 1.5 Build 566 - Multiple Vulnerabilities Exploit Title: Multiple vulnerabilities in SynTail 1.5 Build 566 CSRF/Stored XSS Date: 07-05-2015 Exploit Author: Marlow Tannhauser Contact: [email protected] Vendor Homepage: http://www.synametrics.com Software Link:...