CVE-2026-0591

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

CVE-2022-50789

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory with .dns.pid extension. Unauthenticated attackers can execute the malicious commands by making a single HTTP POST request to the...

CVE-2025-63950

An insecure deserialization vulnerability exists in the download.php script of the to3k Twittodon application through commit b1c58a7d1dc664b38deb486ca290779621342c0b 2023-02-28. The 'obj' parameter receives base64-encoded data that is passed directly to the unserialize function without validation...

CVE-2025-63950

The CVE describes an insecure deserialization vulnerability in the to3k Twittodon application, specifically in the download.php script where the obj parameter is base64-encoded data passed directly to unserialize() without validation. This allows a remote, unauthenticated attacker to inject arbit...

EUVD-2025-203274

A security vulnerability has been detected in itsourcecode Online Pet Shop Management System 1.0. This issue affects some unknown processing of the file /pet1/updatecnp.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been...

📄 Desktop XDG 1.0 Code Execution

This proof of concept generates a malicious file that allows for arbitrary code execution in Desktop XDG version 1.0. ============================================================================================================================================= | Title : Desktop XDG v1.0 Malicious...

PT-2025-50528

Name of the Vulnerable Software and Affected Versions appRain CMF version 4.0.5 Description The application contains a remote code execution issue accessible to authenticated administrative users. An attacker can upload malicious PHP files through the filemanager upload endpoint. Successful...

📄 Azure APIM 2 Vulnerability Checker

This PHP script is a full vulnerability scanner with proof of concepts for Azure API Management APIM instances, focusing on the possibility of cross‑tenant account signup bypass through the Basic Auth Identity Provider...

CVE-2025-66261

Unauthenticated OS Command Injection restoresettings.php in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform URL-decoded name parameter passed to exec allows remote code execution. The...

EUVD-2012-4291

Malware in sbrugna...

EUVD-2014-3353

Malware in sbrugna...

EUVD-2019-10889

Malware in sbrugna...

EUVD-2020-11268

Malware in sbrugna...

EUVD-2001-1217

Malware in sbrugna...

EUVD-2009-4799

Malware in sbrugna...

EUVD-2016-2050

Malware in sbrugna...

EUVD-2017-11135

Malware in sbrugna...

EUVD-2005-4089

Malware in sbrugna...

EUVD-2007-0127

Malware in sbrugna...

EUVD-2011-4653

Malware in sbrugna...