CVE-2026-48237 Open ISES Tickets < 3.44.2 SQL Injection via message.php frm_ticket_id and frm_resp_id Parameters
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in message.php where the frm_ticket_id and frm_resp_id POST parameters are concatenated into WHERE clauses of SELECT/UPDATE statements without sanitization. Authenticated attackers can craft requests that alter query semantics to...
CVE-2026-8130
A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be...
CVE-2026-8130 SourceCodester SUP Online Shopping message.php sql injection
A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be...
CVE-2026-8130
CVE-2026-8130 affects SourceCodester SUP Online Shopping 1.0. The vulnerability exists in an unknown function within /admin/message.php where manipulating the seenid parameter enables SQL injection. The issue appears exploitable remotely and public exploit code is available. The provided sources ...
EUVD-2005-4664
Malware in sbrugna...
EUVD-2017-8744
Malware in sbrugna...
EUVD-2024-16512
Malicious code in bioql PyPI...
CVE-2025-10400
A security vulnerability has been detected in SourceCodester Food Ordering Management System 1.0. Impacted is an unknown function of the file /routers/ticket-message.php. Such manipulation of the argument ticketid leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2024-0722
A vulnerability was found in code-projects Social Networking Site 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file message.php of the component Message Page. The manipulation of the argument Story leads to cross site scripting. The attack may be...
CVE-2025-4492 Campcodes Online Food Ordering System ticket-message.php sql injection
A vulnerability, which was classified as critical, has been found in Campcodes Online Food Ordering System 1.0. This issue affects some unknown processing of the file /routers/ticket-message.php. The manipulation of the argument ticketid leads to sql injection. The attack may be initiated remotel...
CVE-2025-4492
CVE-2025-4492 concerns Campcodes Online Food Ordering System 1.0, where manipulation of the argument in /routers/ticket-message.php leads to a SQL injection. The vulnerability (remote-exploitable) arises from improper handling of the ticket_id parameter, with multiple connected sources confirmin...
CVE-2025-25875
Affected software: ITSourcecode Simple ChatBox (up to v1.0). Vulnerable component: /message.php. Root cause: SQL injection in the file as stated. Impact: Confidentiality and integrity are marked HIGH; availability LOW. Attack vector: Network; required privileges: HIGH; user interaction required. ...
Social Networking Site Cross-Site Scripting Vulnerability
Social Networking Site is a social networking site. A cross-site scripting vulnerability exists in version 1.0 of Social Networking Site, which stems from the lack of effective filtering and escaping of user-supplied data in the message.php parameter Story, and can be exploited to execute arbitra...
CVE-2024-0722 code-projects Social Networking Site Message Page message.php cross site scripting
A vulnerability was found in code-projects Social Networking Site 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file message.php of the component Message Page. The manipulation of the argument Story leads to cross site scripting. The attack may be...
Simple Social Networking Site Cross-Site Scripting Vulnerability
Social Networking Site is a social networking site. A cross-site scripting vulnerability exists in version 1.0 of Social Networking Site, which stems from the lack of effective filtering and escaping of user-supplied data in the message.php parameter Story, and can be exploited to execute arbitra...
PT-2022-10763 · Unknown · Semcms Shop
Name of the Vulnerable Software and Affected Versions: SEMCMS SHOP version 1.1 Description: The issue affects the Ant Message.php file, allowing for SQL injection. Recommendations: For SEMCMS SHOP version 1.1, consider restricting access to the Ant Message.php file until a patch is available. As ...
CVE-2017-17586
FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter...
SQL injection
FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter...
CVE-2017-17586
FS Olx Clone 1.0 is affected by a SQL Injection vulnerability exposed via the scat parameter in subpage.php or the pid parameter in message.php. The issue is caused by improper handling of user-supplied input in these parameters, enabling remote attackers to inject SQL commands. Public references...