255 matches found
Evaluation of Prompt Injection Defenses in Large Language Models
LLM-powered applications routinely embed secrets in system prompts, yet models can be tricked into revealing them. We built an adaptive attacker that evolves its strategies over hundreds of rounds and tested it against nine defense configurations across more than 20,000 attacks. Every defense tha...
ChurchCRM 跨站脚本漏洞
ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.0.0 contained a cross-site scripting vulnerability. This vulnerability originated from a storage-based cross-site scripting flaw within the personnel attribute management subsystem. It could allow...
ChurchCRM 跨站脚本漏洞
ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.1.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from stored cross-site scripting in directory report forms, personnel editor default addresses, and external...
CVE-2026-26700
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...
CVE-2026-26702
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/myitemreuse.php...
CVE-2026-26699
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...
CVE-2026-26703
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/advancesearch.php...
CVE-2026-26700
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...
CVE-2026-26700
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...
CVE-2026-26699
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...
CVE-2026-26701
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edittecnicaluser.php...
CVE-2026-26701
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edittecnicaluser.php...
CVE-2026-26703
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/advancesearch.php...
CVE-2026-26702
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/myitemreuse.php...
CVE-2026-26703
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/advancesearch.php...
CVE-2026-26702
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/myitemreuse.php...
CVE-2026-26701
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edittecnicaluser.php...
CVE-2026-26701
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edittecnicaluser.php...
CVE-2026-26699
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...
PT-2026-22612
Name of the Vulnerable Software and Affected Versions sourcecodester Personnel Property Equipment System version 1.0 Description The software contains a flaw that allows for arbitrary code execution. This issue is present in the 'ip/ppes/admin/admin change picture.php' component. Recommendations ...