
46 matches found

RedhatCVE
added 2026/05/09 2:21 a.m., 2 views

CVE-2026-8128

A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made...

7.5 CVSS, 5.6 AI score, 0.00039 EPSS
Exploits 0, References 1
NVD
added 2026/05/08 3:16 a.m., 4 views

CVE-2026-8128

A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made...

7.5 CVSS, 0.00039 EPSS
Exploits 0, References 5
Cvelist
added 2026/05/08 3:0 a.m., 21 views

CVE-2026-8131 SourceCodester SUP Online Shopping replymsg.php sql injection

A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5 CVSS, 0.00013 EPSS
Exploits 0, References 5
ATTACKERKB
added 2026/05/08 3:0 a.m., 3 views

CVE-2026-8131

A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5 CVSS, 6.9 AI score, 0.00013 EPSS
Exploits 0, References 5, Affected Software 1
CNNVD
added 2026/05/08 12:0 a.m., 3 views

SourceCodester SUP Online Shopping injection vulnerability

SourceCodester SUP Online Shopping is an open-source online shopping system developed by SourceCodester. Version 1.0 of SourceCodester SUP Online Shopping has a vulnerability due to SQL injection caused by the param msg.php file’s msgid operation, which may lead to remote attacks...

7.5 CVSS, 7.2 AI score, 0.00039 EPSS
Exploits 0, References 2
RedhatCVE
added 2025/12/12 10:17 p.m., 1 views

CVE-2024-58309

xbtitFM 4.1.18 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries by injecting malicious SQL code through the msgid parameter. Attackers can send crafted requests to /shoutedit.php with EXTRACTVALUE functions to extract database...

9.8 CVSS, 8.5 AI score, 0.00321 EPSS
Exploits 1, References 1
CVE
added 2025/12/11 9:42 p.m., 4 views

CVE-2024-58309

This entry details an unauthenticated SQL injection in xbtitFM 4.1.18 via the msgid parameter in /shoutedit.php. The vulnerability uses functions like EXTRACTVALUE to leak database names, user credentials, and password hashes, with network attack potential and high impact on confidentiality, inte...

9.8 CVSS, 8.1 AI score, 0.00321 EPSS
Exploits 1, References 3, Affected Software 1
Positive Technologies
added 2025/12/11 12:0 a.m., 3 views

PT-2025-50761

Name of the Vulnerable Software and Affected Versions: xbtitFM version 4.1.18. Description: The software contains an unauthenticated SQL injection issue. Remote attackers can manipulate database queries by injecting malicious SQL code through the msgid parameter. Crafted requests sent to the...

8.7 CVSS, 8.1 AI score, 0.00321 EPSS
Exploits 1, References 5
OSV
added 2025/11/10 5:15 a.m., 0 views

CVE-2025-12932

A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=inbox. This manipulation of the argument msgid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed...

9.8 CVSS, 5.8 AI score
Exploits 0, References 5
NVD
added 2025/11/10 5:15 a.m., 3 views

CVE-2025-12932

A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=inbox. This manipulation of the argument msgid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed...

9.8 CVSS, 0.00026 EPSS
Exploits 1, References 5
Cvelist
added 2025/11/10 5:2 a.m., 8 views

CVE-2025-12932 SourceCodester Baby Care System admin.php sql injection

A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=inbox. This manipulation of the argument msgid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed...

5.8 CVSS, 0.00026 EPSS
Exploits 1, References 5
CVE
added 2025/11/10 5:2 a.m., 4 views

CVE-2025-12932

CVE-2025-12932 affects SourceCodester Baby Care System 1.0. The vulnerability exists in the admin functionality, specifically the /admin.php?id=inbox endpoint, where improper handling of the message identifier (msgid) enables a SQL injection. The issue can be triggered remotely and is supported b...

9.8 CVSS, 5.2 AI score, 0.00026 EPSS
Exploits 1, References 5, Affected Software 1
CNNVD
added 2025/11/10 12:0 a.m., 2 views

SourceCodester Food Ordering System SQL injection vulnerability

SourceCodester Food Ordering System is a SourceCodester open source food ordering system. A SQL injection vulnerability exists in SourceCodester Food Ordering System version 1.0, which stems from incorrect manipulation of the parameter msgid in the file /admin.php?id=inbox, which can lead to SQL...

9.8 CVSS, 5.7 AI score, 0.00026 EPSS
Exploits 1, References 5
Positive Technologies
added 2025/11/10 12:0 a.m., 1 views

PT-2025-45602

A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=inbox. This manipulation of the argument msgid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed...

5.8 CVSS, 7.2 AI score, 0.00026 EPSS
Exploits 1, References 6
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2019-7291

Malware in sbrugna...

7.5 CVSS, 7.5 AI score, 0.00336 EPSS
Exploits 1, References 2
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2007-3865

Malware in sbrugna...

7.5 CVSS, 6.4 AI score, 0.00678 EPSS
Exploits 1, References 4
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2023-1396

Malicious code in bioql PyPI...

6.1 CVSS, 6.3 AI score, 0.02087 EPSS
Exploits 0, References 5
RedhatCVE
added 2025/05/23 3:36 a.m., 3 views

CVE-2023-28475

Concrete CMS (previously concrete5) versions 8.5.12 and below, and versions 9.0 through 9.1.3, is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized...

6.1 CVSS, 6 AI score, 0.02087 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 5:13 p.m., 10 views

CVE-2020-17453

WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter...

6.1 CVSS, 5.8 AI score, 0.57847 EPSS
Exploits 2
NVD
added 2023/07/06 2:15 p.m., 12 views

CVE-2021-46896

Buffer Overflow vulnerability in PX4-Autopilot allows attackers to cause a denial of service via handler function handling msgid 332...

7.5 CVSS, 7.4 AI score, 0.00081 EPSS
Exploits 1, References 1