31 matches found
CVE-2026-5206
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argument Paymentid/Amount/customerid/paymenttype/customername leads to sql injection. Remote exploitation...
EUVD-2026-17577
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argument Paymentid/Amount/customerid/paymenttype/customername leads to sql injection. Remote exploitation...
CVE-2026-5206
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argument Paymentid/Amount/customerid/paymenttype/customername leads to sql injection. Remote exploitation...
CVE-2026-5206 code-projects Simple Gym Management System Payment sql injection
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argument Paymentid/Amount/customerid/paymenttype/customername leads to sql injection. Remote exploitation...
CVE-2026-5206
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argument Paymentid/Amount/customerid/paymenttype/customername leads to sql injection. Remote exploitation...
CVE-2026-5206
CVE-2026-5206 affects: code-projects Simple Gym Management System 1.0, specifically the unknown code in the Payment Handler . The issue is a SQL injection caused by manipulation of the arguments Payment_id, Amount, customer_id, payment_type, and customer_name. The vulnerability allows remote expl...
CVE-2026-5206 code-projects Simple Gym Management System Payment sql injection
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argument Paymentid/Amount/customerid/paymenttype/customername leads to sql injection. Remote exploitation...
PT-2026-29321
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argument Payment id/Amount/customer id/payment type/customer name leads to sql injection. Remote...
Code-Projects Simple Gym Management System SQL注入漏洞
Code-Projects Simple Gym Management System is an open-source gym management system developed by Code-Projects. Version 1.0 of the Code-Projects Simple Gym Management System has a SQL injection vulnerability. This vulnerability arises from incorrect operations on parameters such as...
CVE-2026-2010
A vulnerability has been found in Sanluan PublicCMS up to 4.0.202506.d/5.202506.d/6.202506.d. Impacted is the function Paid of the file publiccms-parent/publiccms-trade/src/main/java/com/publiccms/logic/service/trade/TradePaymentService.java of the component Trade Payment Handler. The manipulatio...
EUVD-2026-5690
A vulnerability has been found in Sanluan PublicCMS up to 4.0.202506.d/5.202506.d/6.202506.d. Impacted is the function Paid of the file publiccms-parent/publiccms-trade/src/main/java/com/publiccms/logic/service/trade/TradePaymentService.java of the component Trade Payment Handler. The manipulatio...
PublicCMS 授权问题漏洞
PublicCMS is an open-source content management system CMS developed by PublicCMS Company in China using the Java language. There is an authorization issue in PublicCMS; this issue stems from a mistake in the parameter paymentId of the function Paid within the component Trade Payment Handler,...
youlai-mall 访问控制错误漏洞
youlai-mall is a full-stack mall system by youlaitech open source. youlai-mall version 1.0.0 and 2.0.0 versions of access control error vulnerability , the vulnerability stems from the Order Payment Handler component file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/ The functio...
PT-2025-53407
Name of the Vulnerable Software and Affected Versions youlaitech youlai-mall versions 1.0.0 through 2.0.0 Description An issue exists in youlaitech youlai-mall that relates to improper access controls. The affected component is the Order Payment Handler, specifically within the...
EUVD-2023-12982
Malicious code in bioql PyPI...
CVE-2023-0998
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access controls. It is possib...
CVE-2018-25104
A vulnerability was found in CoinGate Plugin up to 1.2.7 on PrestaShop. It has been rated as problematic. Affected by this issue is the function postProcess of the file modules/coingate/controllers/front/callback.php of the component Payment Handler. The manipulation leads to business logic error...
CVE-2018-25104
A vulnerability was found in CoinGate Plugin up to 1.2.7 on PrestaShop. It has been rated as problematic. Affected by this issue is the function postProcess of the file modules/coingate/controllers/front/callback.php of the component Payment Handler. The manipulation leads to business logic error...
CVE-2018-25104 CoinGate Plugin Payment callback.php postProcess logic error
A vulnerability was found in CoinGate Plugin up to 1.2.7 on PrestaShop. It has been rated as problematic. Affected by this issue is the function postProcess of the file modules/coingate/controllers/front/callback.php of the component Payment Handler. The manipulation leads to business logic error...
CVE-2018-25104
CVE-2018-25104 affects the CoinGate Plugin for PrestaShop (versions up to 1.2.7). The vulnerability lies in the postProcess function of modules/coingate/controllers/front/callback.php, leading to business logic errors. Exploitation is described as possible remotely, with upgrading to version 1.2....