Schools Alert Management Script - Arbitrary File Read

Schools Alert Management Script is susceptible to an arbitrary file read vulnerability via the f parameter in img.php, aka absolute path traversal. id: CVE-2018-12054 info: name: Schools Alert Management Script - Arbitrary File Read author: wisnupramoedya severity: high description: Schools Alert...

CodeAstro Ingredients Stock Management System SQL Injection Vulnerability

The CodeAstro Ingredients Stock Management System is a inventory management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Ingredients Stock Management System has a SQL injection vulnerability. This vulnerability arises from incorrect operations with the parameter txtsearchcatego...

CVE-2026-26890

Sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/manageproduct.php...

CVE-2026-2224

A vulnerability was detected in code-projects Online Reviewer System 1.0. This affects an unknown part of the file /system/system/admins/manage/users/btnfunctions.php. The manipulation of the argument firstname results in cross site scripting. It is possible to launch the attack remotely. The...

EUVD-2025-37501

A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. HP is releasing software updates to mitigate the potential vulnerability...

CVE-2025-11761

A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. HP is releasing software updates to mitigate the potential vulnerability...

CVE-2025-11761

Technical details about affected versions, root cause and fixes are not provided in the supplied documents. Monitor HP advisories for updates.

EUVD-2009-2228

Malware in sbrugna...

EUVD-2008-3735

Malware in sbrugna...

EUVD-2018-18606

Malware in sbrugna...

EUVD-2018-19208

Malware in sbrugna...

EUVD-2025-19195

Malicious code in bioql PyPI...

EUVD-2022-48964

Malicious code in bioql PyPI...

Creativeitem Ekushey CRM 跨站脚本漏洞

Creativeitem Ekushey CRM is an open source project management script by Creativeitem. A cross-site scripting vulnerability exists in Creativeitem Ekushey CRM that stems from insufficient validation of user input and could lead to a stored cross-site scripting attack...

CVE-2025-29331

An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute arbitrary code via the management script x-ui passes the no check certificate option to wget when downloading updates...

CVE-2025-29331

CVE-2025-29331 affects 3x-ui (MHSanaei) prior to v2.5.3. The vulnerability arises from the x-ui management script failing to verify TLS certificates when wget is used to download updates (no-check-certificate option), enabling remote arbitrary code execution. Affected: 3x-ui prior to 2.5.3. Impac...

CVE-2025-29331

An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute arbitrary code via the management script x-ui passes the no check certificate option to wget when downloading updates...

CVE-2025-25021

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a privileged execute code in case management script creation due to the improper generation of code...

CVE-2025-25021

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a privileged execute code in case management script creation due to the improper generation of code...

CVE-2025-25021 IBM QRadar Suite Software and IBM Cloud Pak for Security code injection

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a privileged execute code in case management script creation due to the improper generation of code...