25 matches found
CVE-2021-36438
The CVE-2021-36438 entry concerns a SQL injection in the Sourcecodester Online Job Portal phppdo 1.0, exploitable via the category parameter in /jobportal/index.php. Affected component: the phppdo 1.0 web app; root cause is unvalidated input in category leading to SQL injection. Impact is describ...
AZL-73201 CVE-2025-14180 affecting package php for versions less than 8.3.29-1
In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...
EUVD-2020-21660
Malware in sbrugna...
EUVD-2025-3948
Malicious code in bioql PyPI...
Exploit for CVE-2025-32429
CVE-2025-32429 – SQL Injection in PHP PDO Prepared Statements...
CVE-2025-24792
Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...
CVE-2025-24792
Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...
CVE-2025-24792
CVE-2025-24792 concerns the Snowflake PHP PDO Driver: executing unsupported queries (e.g., PUT/GET on stages) triggers a signed-to-unsigned conversion error that crashes the application. Affected versions are 0.2.0–3.0.3; the issue is fixed in 3.1.0. Remediation is to upgrade to 3.1.0 or later. I...
CVE-2025-24792 Snowflake PHP PDO Driver has a Signed-to-Unsigned Conversion Error
Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...
CVE-2025-24792 Snowflake PHP PDO Driver has a Signed-to-Unsigned Conversion Error
Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...
E-Commerce Site Using PHP PDO 1.0 Cross Site Scripting
============================================================================================================================================= | Title : E-Commerce Site using PHP PDO v1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 ...
E-Commerce Site Using PHP PDO 1.0 Directory Traversal
============================================================================================================================================= | Title : E-Commerce Site using PHP PDO v1.0 Directory traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
One Church Management System 1.0 SQL Injection Vulnerability
Exploit Title: One Church Management System 1.0 - attendancy.php search2 SQL Injection Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15225/church-management-software-free-download-full-version.html Version: 1.0 Tested on: Linux Title: ================ One Church...
Profiling System For Human Resource Management 1.0 Cross Site Scripting Vulnerability
Exploit Title: Profiling System For Human Resource Management | Stored XSS Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11222/profiling-system-human-resource-management.html Software...
Online Reviewer System 1.0 SQL Injection / Shell Upload
!/bin/bash Exploit Title: Online Reviewer System PHPPDO - RCE & ADMIN BYPASS Exploit Author: Richard Jones Date: 2021-01-31 Vendor Homepage: https://www.sourcecodester.com/php/12937/online-reviewer-system-using-phppdo.html Software Link:...
CVE-2020-29285
SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to editcategory.php...
Sql injection
SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to editcategory.php...
CVE-2020-29285
SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to editcategory.php...
CVE-2020-29285
CVE-2020-29285 describes a SQL injection in a Point of Sales application (PHP/PDO 1.0) exploitable through the id parameter of edit_category.php. The vulnerability is exposed over the network, requires no authentication, and can impact confidentiality, integrity, and availability (per NVD CVSS 3....
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1224)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...