EUVD-2025-6167

Malicious code in bioql PyPI...

CVE-2025-47937

TYPO3 is an open source, PHP based web content management system. Starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, when performing a database query involving multiple tables through the database abstraction layer DBAL, frontend...

CVE-2024-51430

Cross Site Scripting vulnerability in online diagnostic lab management system using php v.1.0 allows a remote attacker to execute arbitrary code via the Test Name parameter on the diagnostic/add-test.php component...

CVE-2021-40577

A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter...

Subrion CMS SQL Injection Vulnerability (CNVD-2021-53920)

Subrion CMS is a PHP-based content management system CMS from the Subrion team. The system can be integrated into websites and supports multiple extension plugins, etc. A SQL injection vulnerability exists in Subrion CMS v4.2.1, which stems from the website's use of PDO connections. No detailed...

CSZ CMS Cross-Site Scripting Vulnerability (CNVD-2021-50172)

CSZ CMS is a PHP-based open source content management system CMS. CSZ CMS suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML by entering a crafted payload in the "New Page" field under the "Page Content" module...

Rockoa Xinhu Information Disclosure Vulnerability

Rockoa Xinhu is a Php-based office OA system from China Xinhu Rockoa. Rockoa Xinhu 2.1.9 version of the information leakage vulnerability, the vulnerability stems from ajaxbool value is manipulated to true, the attacker can obtain sensitive information by exploiting the vulnerability...

ZZZphp sa***.php page sl*** parameter has SQL injection vulnerability

zzphp is a PHP and MYSQL based on free open source building system . ZZZphp sa.php page sl parameters exist SQL injection vulnerability, an attacker can use the vulnerability to obtain database sensitive information...

imcat information disclosure vulnerability (CNVD-2019-00972)

imcat is a PHP-based open source website building system . A security vulnerability exists in imcat version 4.4. An attacker can exploit the vulnerability to leak the full path with ev.php?tools-ipaddr&api=Pcoln&uip= URI...

Critical Moodle Vulnerability Could Lead to Server Compromise

A critical vulnerability in Moodle, an open source PHP-based learning management system deployed across scores of schools and universities, could expose the server its running on to compromise. Tens of thousands of universities worldwide, including the California State University system, the...

Grimbb hash disclosure vulnerability

Grimbb is an open source PHP-based flat file electronic publishing version of the system . Grimbb version 1.3 has a hash information leakage vulnerability, the vulnerability stems from unauthorized access to the system's configuration file to store user information, an attacker can use this...

UBB.threads Detection

The remote host is running UBB.threads, a web-based message board software system written in PHP. %NASLMINLEVEL 70300 C Tenable Network Security include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid17315; scriptversion"1.14";...

MinisTraverse.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Minis directory traversal vulnerability Vulnerability discovery: Madelman Date: 31/12/2004 Severity: Moderate Summary: - -------- from vendor site: http://minis.sourceforge.net/ Minis is a tiny, PHP-powered, text-file based weblogging system. I...