21 matches found
EUVD-2025-197738
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...
EUVD-2006-2053
Malware in sbrugna...
EUVD-2002-1858
Malware in sbrugna...
EUVD-2006-3242
Malware in sbrugna...
EUVD-2023-2230
Malicious code in bioql PyPI...
CVE-2025-10604
A vulnerability was identified in PHPGurukul Online Discussion Forum 1.0. This affects an unknown part of the file /admin/editmember.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...
CVE-2023-36346
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the nmmember parameter at print.php...
CVE-2002-1879
SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers to execute arbitrary SQL commands via the 1 member parameter to member.php or 2 loser parameter to misc.php...
Online Class and Exam Scheduling System exam_save.php File SQL Injection Vulnerability
Online Class and Exam Scheduling System is an online class and exam scheduling system. The Online Class and Exam Scheduling System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameters member and first of...
CVE-2025-29425
Code-projects Online Class and Exam Scheduling System 1.0 is vulnerable to SQL Injection in examsave.php via the parameters member and first...
Codezips Gym Management System 注入漏洞
Codezips Gym Management System is an open source gym management system from Codezips. An injection vulnerability exists in Codezips Gym Management System version 1.0, which stems from the parameter name in the file /dashboard/admin/editmember.php that can lead to SQL injection...
PT-2024-39424 · Sourcecodester · Sourcecodester Loan Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Modern Loan Management System version 1.0 Description: A critical issue has been found, allowing for SQL injection through the manipulation of the searchMember argument in the file search member.php. This can be exploited...
CVE-2023-36346
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the nmmember parameter at print.php...
PT-2023-25543 · Unknown · Pos Codekop
Name of the Vulnerable Software and Affected Versions: POS Codekop version 2.0 Description: A reflected cross-site scripting XSS issue was found in POS Codekop. The issue is related to the nm member parameter at the "print.php" endpoint. This allows for potential XSS attacks. Recommendations: For...
CVE-2009-2780
Multiple cross-site scripting XSS vulnerabilities in 68 Classifieds 4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter to category.php, view parameter to 2 login.php and 3 viewlisting.php, page parameter to 4 searchresults.php and 5 toplistings.php, and 6...
CVE-2009-2780
Multiple cross-site scripting XSS vulnerabilities in 68 Classifieds 4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter to category.php, view parameter to 2 login.php and 3 viewlisting.php, page parameter to 4 searchresults.php and 5 toplistings.php, and 6...
Sql injection
SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in member.php in DevBB 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action...
CVE-2006-2070
Cross-site scripting XSS vulnerability in member.php in DevBB 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action...
CVE-2006-2052
Cross-site scripting XSS vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the "viewpro" string does not appear in the...