CVE-2026-32894

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Object Reference IDOR vulnerability in the gradebook result view page allows any authenticated teacher to delete any student's grade result across the entire platform by manipulating the deletemark or...

PT-2026-32003

Name of the Vulnerable Software and Affected Versions Chamilo LMS versions prior to 1.11.38 Chamilo LMS versions prior to 2.0.0-RC.3 Description Chamilo LMS contains an Insecure Direct Object Reference IDOR issue in the gradebook result view page. An authenticated teacher can delete any student's...

Books_Manager code injection vulnerability

BooksManager is a book management system personally developed by iJason-Liu. There is a code injection vulnerability in BooksManager, which stems from incorrect handling of the parameter “mark” in the file controllers/bookscenter/addbookcheck.php. This vulnerability may lead to cross-site scripti...

UTT 512W 安全漏洞

The UTT Progress 512W is an enterprise-grade wireless router designed for small office or home office SOHO environments for network scenarios with up to 50 people. The UTT Progressive 512W suffers from a buffer overflow vulnerability that originates from the incorrect operation of the strcpy...

e-Diary Management System view-note.php File SQL Injection Vulnerability

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from a missing validation of externally entered SQL statements in the parameter mark of the view-note.php file. An attacker can exploit...

CVE-2024-8151

A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/delete-mark.php. The manipulation of the argument mark leads to cross site scripting. It is possible to initiate the attack...

PT-2024-33621 · Unknown · Sourcecodester Interactive Map With Marker

Name of the Vulnerable Software and Affected Versions: SourceCodester Interactive Map with Marker version 1.0 Description: A critical issue has been found, affecting an unknown functionality of the file /endpoint/delete-mark.php. The manipulation of the mark argument leads to SQL injection. The...

Lightning Wire Labs IPFire 跨站脚本漏洞

Lightning Wire Labs IPFire is a Linux-based open source firewall from Lightning Wire Labs. It focuses on securing your network while being easy to operate and maintain. It offers many features such as VPN, advanced firewall configuration, and of course great performance in all environments. A...

CVE-2016-0769

Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow 1 remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the 2 view, 3 mark, or 4 change parameter...