CVE-2026-3758

A weakness has been identified in projectworlds Online Art Gallery Shop 1.0. Affected by this issue is some unknown functionality of the file /admin/adminHome.php. This manipulation of the argument Info causes sql injection. Remote exploitation of the attack is possible. The exploit has been made...

CVE-2025-56697

A Stored Cross-Site Scripting XSS vulnerability was discovered in the /users/adminpanel/admin/home.php?page=feedbacks file of Kashipara Computer Base Test v1.0. Attackers can inject malicious scripts via the smyFeedbacks POST parameter in /users/home.php...

CVE-2025-10431 SourceCodester Pet Grooming Management Software ajax_represent.php sql injection

A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/ajaxrepresent.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public...

CVE-2025-34023 Karel IP Phone IP1211 Path Traversal

A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...

Simple Chat System 注入漏洞

Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that stems from a lack of adequate validation of the input of the id parameter in the /admin/updateuser.php file. No details of the vulnerability are available at this time...

CVE-2024-2944

A vulnerability was found in Campcodes Online Examination System 1.0 and classified as critical. This issue affects some unknown processing of the file /adminpanel/admin/query/deleteCourseExe.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. Th...

PT-2024-22880 · Unknown · Campcodes Online Examination System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Examination System version 1.0 Description: A problematic vulnerability was found in the system, affecting an unknown functionality of the file /adminpanel/admin/facebox modal/updateCourse.php. The manipulation of the id...

Online Food Ordering System 代码问题漏洞

Online Food Ordering System is an online food ordering system by Carlo Montero, an individual developer. A security vulnerability exists in Online Food Ordering System version v2.0, which originates from an arbitrary file upload vulnerability in the component /fos/admin/ajax.php, which can be...

CVE-2022-25409

Hospital Management System v1.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the demail parameter at /admin-panel1.php...

Craft CMS Cross-Site Scripting Vulnerability (CNVD-2019-03526)

Craft CMS is a content management system CMS for developers and content managers. A cross-site scripting vulnerability exists in the /admin-panel-path/index.php?p=admin/actions/entries/save-entry URL in Craft CMS version 3.0.25. A remote attacker can exploit this vulnerability to inject arbitrary...

CVE-2018-19547

JTBCPHP 3.0.1.7 has XSS via the console/xml/manage.php?type=action&action=edit content parameter...

phpCow v2.1 File Inclusion Vulnerability

Exploit for php platform in category web applications ======================================== phpCow v2.1 File Inclusion Vulnerability ======================================== +====================================================================|| About : phpCow v2.1 File Inclusion Vulnerability...

phpCow 2.1 - File Inclusion

|ViRuSHiMa@YouR SyS|\ + ||||\ + ||||""|", + ||||""|"||| + " @''@""""""|@@@ +====================================================================|| About : phpCow v2.1 File Inclusion Vulnerability || ! Site : http://www.phpcow.com || ! Author : ViRuSHiMa || ! Site : wWw.HeLL-z0ne.org || ! E-Mail...

Active PHP Bookmarks v1.3 SQL Injection Vulnerability

Exploit for unknown platform in category web applications ===================================================== Active PHP Bookmarks v1.3 SQL Injection Vulnerability ===================================================== Title: Active PHP Bookmarks v1.3 Remote SQL Injection Vulnerability EDB-ID:...

Active PHP BookMarks 1.3 - SQL Injection

Title: Active PHP Bookmarks v1.3 Remote SQL Injection Vulnerability EDB-ID: CVE-ID: OSVDB-ID: Author: Mr.Elgaarh Published: 2009-12-21 ============================================================= Author : Mr.Elgaarh Email : [email protected] Home : http://securityreason.com/...

4Images 1.7.1 - SQL Injection

Exploit Title: 4images 1.7.1 Remote SQL Injection Vulnerability Date: 20-12-2009 Author: Master Mind Version: 1.7.1 CVE : N/A ============================================================= Script Name : 4images 1.7.1 Language : php Author : Master Mind Home : www.shdowskill.com , www.vbspiders.com...