CVE-2019-25346

TheSystem 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the 'servername' parameter. Attackers can inject malicious SQL code like ' or '1=1 to retrieve unauthorized database records and potentially access sensitive system information...

warehouseManager 代码注入漏洞

warehouseManager is a warehouse management system developed by yangshare individual developers in China. A code injection vulnerability exists in warehouseManager version 1.1.0, which originates from the incorrect operation of the parameter Name in the function addCustomer in the file...

EUVD-2022-53185

Malicious code in bioql PyPI...

CVE-2025-6820

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /phpaction/createProduct.php. The manipulation of the argument productName leads to sql injection. The attack may be launched...

PT-2024-25317 · Sourcecodester · Aplaya Beach Resort Online Reservation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Aplaya Beach Resort Online Reservation System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file admin/mod users/controller.php?action=add. The manipulation of...

PT-2024-15668 · WordPress · Amp For Wp – Accelerated Mobile Pages

Name of the Vulnerable Software and Affected Versions: AMP for WP – Accelerated Mobile Pages plugin for WordPress versions up to, and including, 1.0.92.1 Description: The issue is related to Reflected Cross-Site Scripting via the disqus name parameter due to insufficient input sanitization and...

CVE-2017-12121

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the rsakey\name= parm in the...