CVE-2018-19228

An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation...

EUVD-2008-2072

Malware in sbrugna...

EUVD-2018-13034

Malware in sbrugna...

Pre-School Enrollment System Project update-class-pic.php File Directory Traversal Vulnerability

The Pre-School Enrollment System Project is a preschool enrollment system project. A directory traversal vulnerability exists in Pre-School Enrollment System Project, which stems from a lack of validity checking of paths in the file update-class-pic.php when processing directory requests, and can...

CVE-2025-50349

PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php...

CVE-2025-50348

PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-class-pic.php...

CVE-2025-50349

PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php...

CVE-2025-50348

PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-class-pic.php...

Sql injection

An issue was discovered in S-CMS 1.0. It allows SQL Injection via the js/pic.php Pid parameter...

CVE-2018-20480

CVE-2018-20480 affects S-CMS 1.0. A SQL injection vulnerability exists in the js/pic.php file, exploitable through the P_id parameter. The root cause is improper handling of the P_id input leading to SQL injection. Impact details in the sources indicate potential data exposure/modification, but t...

laurisch-architekt.de XSS vulnerability

Open Bug Bounty ID: OBB-636867 Description| Value ---|--- Affected Website:| laurisch-architekt.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

ufcw496.org XSS vulnerability

Open Bug Bounty ID: OBB-545665 Description| Value ---|--- Affected Website:| ufcw496.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

WordPress IMDb Profile Widget 1.0.8 Plugin - Local File Inclusion

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin IMDb Profile Widget - Local File Inclusion Exploit Author: CrashBandicot @DosPerl Date: 2016-03-26 Google Dork : inurl:/wp-content/plugins/imdb-widget Vendor Homepage: https://wordpress.org/plugins/imdb-widget/...

web.ics.purdue.edu XSS vulnerability

Vulnerable URL: http://web.ics.purdue.edu/aepinews/pic.php?pic=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 09:52 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank...

appcms 1.3.855 /pic.php 任意文件下载漏洞

No description provided by source...

appcms 1.3.708 /pic.php 任意文件下载漏洞

No description provided by source...

CVE-2008-2075

Cross-site scripting XSS vulnerability in pic.php in AstroCam 2.5.0 through 2.7.3 allows remote attackers to inject arbitrary web script or HTML via the picfile parameter...

XSS in AstroCam

XSS in AstroCam 2.5.x/2.6.x/2.7.123 ------------------------------------- Software: AstroCam Vulnerable: 2.5.0-2.7.3 Not vulnerable: 2.7.4 Class: Input Validation Error Remote: Yes Local: Yes Credit: This issue was announced by the vendor. Anouncement:...