PT-2026-38655

Name of the Vulnerable Software and Affected Versions CodeAstro Leave Management System version 1.0 Description A weakness in the /login.php file allows for remote SQL injection. This occurs through the manipulation of the txt username argument. SQL injection is a type of flaw that allows an...

PT-2026-31582

Name of the Vulnerable Software and Affected Versions PHPGurukul News Portal Project version 4.1 Description A security flaw exists in PHPGurukul News Portal Project 4.1. Manipulation of the Username argument in the /admin/check availability.php file can lead to SQL injection. Remote exploitation...

CVE-2023-1200 ehuacui bbs cross site scripting

A vulnerability was found in ehuacui bbs. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This...

CVE-2023-0785

A vulnerability classified as problematic was found in SourceCodester Best Online News Portal 1.0. Affected by this vulnerability is an unknown functionality of the file checkavailability.php. The manipulation of the argument username leads to exposure of sensitive information through data querie...

SAM SUNNY TRIPOWER 5.0 Insecure Direct Object Reference

Exploit Title: SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference IDOR Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.sma.de Version: SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R Tested on: Linux Firefox CVE : CVE-2021-46416 Proof of Concept...