6 matches found
CVE-2025-11589
A security flaw has been discovered in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/user-payment.php. Performing a manipulation of the argument plan results in sql injection. It is possible to initiate the attack remotely. The exploit has been released t...
EUVD-2025-25867
Malicious code in bioql PyPI...
itsourcecode Gym Management System 安全漏洞
itsourcecode Gym Management System is an open source gym management system by itsourcecode. A security vulnerability exists in itsourcecode Gym Management System version 1.0, which is caused by SQL injection due to the operation of the parameter plan in the file /ajax.php?action=saveplan...
WordPress FULL – Cliente plugin <= 3.1.12 - Unauthenticated Stored Cross-Site Scripting via License Plan Parameter vulnerability
Unauthenticated Stored Cross-Site Scripting via License Plan Parameter vulnerability discovered by stealthcopter in WordPress Plugin FULL Customer versions = 3.1.12...
Simple Subscription Website SQL注入漏洞
Simple Subscription Website is an open source, web-based simple subscription application by the individual developer Carlo Montero. It is used to provide companies with possible members to apply for plans that provide certain services. An SQL injection vulnerability exists in Simple Subscription...
CVE-2021-27026
A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged...