CVE-2019-25516 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via gallery.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galleryid parameter. Attackers can send GET requests to gallery.php with malicious galleryid values using...

CVE-2019-25513 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection via datagetir.php

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...

CVE-2019-25511

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid values using...

CVE-2019-25511 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid values using...

CVE-2026-4044

A vulnerability was detected in projectsend up to r1945. This affects the function realpath of the file /import-orphans.php of the component Delete Handler. Performing a manipulation of the argument files results in path traversal. Remote exploitation of the attack is possible. The exploit is now...

Moderate: Red Hat Security Advisory: php:7.4 security update

An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...

RHSA-2026:4212 Red Hat Security Advisory: php security update

Bulletin has no description...

EUVD-2026-11546

A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file addadmin.php. Such manipulation leads to improper authorization. The attack may be launched remotely...

EUVD-2026-11532

A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The manipulation of the argument gamename results in cross site scripting. The attack may be performed from remote. The exploit...

CVE-2026-3983

A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The manipulation of the argument gamename results in cross site scripting. The attack may be performed from remote. The exploit...

PT-2026-24920

🚨 CVE-2026-3981 A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctor action.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit h...

Netartmedia PHP Mall SQL注入漏洞

Netartmedia PHP Mall is an e-commerce platform system operated by the Bulgarian company Netartmedia. Version 4.1 of Netartmedia PHP Mall contains a SQL injection vulnerability. This vulnerability stems from the presence of SQL injection vulnerabilities in the id and Email parameters, which could...

PT-2026-24968

Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'kat' parameter. Attackers can send GET requests to the katgetir.php endpoint with malicious 'kat' values to...

Jettweb PHP Hazir Haber Sitesi Scripti SQL注入漏洞

Jettweb PHP Ready-made News Sites Script is a content management system provided by the Turkish company Jettweb. The Jettweb PHP Ready-made News Sites Script V2 version has a SQL injection vulnerability. This vulnerability stems from an authentication bypass in the admingiris.php login form, whic...

Microsoft Windows Service Installation Persistence

This is a Microsoft Windows persistent service installer for creating backdoor services that automatically start payloads upon system boot. This tool is designed for authorized penetration testing and security research purposes. This variant from the author is written in PHP...

Netartmedia PHP Mall SQL注入漏洞

Netartmedia PHP Mall is an e-commerce platform system operated by the Bulgarian company Netartmedia. Version 4.1 of Netartmedia PHP Mall contains a SQL injection vulnerability. This vulnerability stems from multiple parameters that are susceptible to SQL injections, potentially allowing unverifie...

PT-2026-24990

uHotelBooking System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the system page GET parameter. Attackers can send crafted requests to index.php with malicious system page values using time-based blind...

PT-2026-25004

Name of the Vulnerable Software and Affected Versions projectsend versions prior to r1946 Description A flaw exists in projectsend up to revision r1945. This impacts an unknown function within the includes/Classes/Auth.php file. Manipulating the ldap email argument can cause an observable...

PT-2026-25001

Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. Attackers can inject time-based blind SQL payloads via the 'id' parameter in index.php or the 'Email' parameter in...

RHEL 8 : php:7.4 (RHSA-2026:4514)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4514 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in arraymerge...