22 matches found
EUVD-2023-57357
Malicious code in bioql PyPI...
EUVD-2023-57356
Malicious code in bioql PyPI...
CVE-2025-10331
A vulnerability has been found in cdevroe unmark up to 1.9.3. This issue affects some unknown processing of the file /application/controllers/Marks.php. Such manipulation of the argument Title leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to th...
CVE-2025-10331
Affected software: cdevroe unmark up to v1.9.3. Root cause: improper handling/escaping of the Title parameter in /application/controllers/Marks.php leading to cross-site scripting. Impact: remote attacker can supply a crafted payload to execute scripts via the Title field; exploitation is publicl...
CVE-2025-10331 cdevroe unmark Marks.php cross site scripting
A vulnerability has been found in cdevroe unmark up to 1.9.3. This issue affects some unknown processing of the file /application/controllers/Marks.php. Such manipulation of the argument Title leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to th...
Unmark code injection vulnerability
Unmark is an open source to-do list application for bookmarking. Unmark 1.9.3 and earlier versions have a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Title in the file /application/controllers/Marks.php,...
PT-2025-37361
Name of the Vulnerable Software and Affected Versions: cdevroe unmark versions up to 1.9.3 Description: A vulnerability exists in cdevroe unmark, potentially allowing for cross site scripting. The issue involves unknown processing of the file /application/controllers/Marks.php. Manipulation of th...
CVE-2025-10329
A vulnerability was detected in cdevroe unmark up to 1.9.3. This affects an unknown part of the file /application/controllers/Marks.php. The manipulation of the argument url results in server-side request forgery. The attack may be launched remotely. The exploit is now public and may be used. The...
CVE-2025-10329
CVE-2025-10329 affects cdevroe unmark up to version 1.9.3. The vulnerability resides in an unknown portion of /application/controllers/Marks.php and allows server-side request forgery by manipulating the url parameter. Exploitation can be performed remotely, and public PoCs exist. Multiple connec...
Unmark code issue vulnerability
Unmark is an open source to-do list application for bookmarking. A code issue vulnerability exists in Unmark 1.9.3 and earlier versions, which stems from incorrect manipulation of the parameter url in the file /application/controllers/Marks.php, which could lead to server-side request forgery. An...
CVE-2024-9079 code-projects Student Record System marks.php sql injection
A vulnerability was found in code-projects Student Record System 1.0 and classified as critical. This issue affects some unknown processing of the file /marks.php. The manipulation of the argument coursename leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2023-5011
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursename' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-5010
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursecode' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-5007
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database...
SQL injection
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursecode' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-5007 Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi)
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-5011
CVE-2023-5011 affects Student Information System v1.0, with a vulnerability in marks.php where the coursename parameter is not validating input and passes unfiltered characters to the database, enabling authenticated SQL injection. The issue stems from unsanitized user input in the coursename fie...