EUVD-2021-24770

Malware in sbrugna...

SourceCodester Best Salon Management System 注入漏洞

SourceCodester Best Salon Management System is SourceCodester open source a salon management system. SourceCodester Best Salon Management System version 1.0 has an injection vulnerability, the vulnerability stems from the wrong operation of the parameter userid/planid in the file...

CVE-2025-2714

A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /extensions/realestate/index.php/agents/agent-register/addagent. The manipulation of the argument planid leads to cross site scripting. T...

CVE-2023-5030 Tongda OA delete.php sql injection

A vulnerability has been found in Tongda OA up to 11.10 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/plan/delete.php. The manipulation of the argument PLANID leads to sql injection. The exploit has been disclosed to the public and may be used...

CVE-2021-38317

The Konnichiwa! Membership WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the planid parameter in the /views/subscriptions.html.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.8.3...

CVE-2021-38317

The CVE-2021-38317 issue affects the WordPress plugin Konnichiwa! Membership (versions

CVE-2021-38317 Konnichiwa! Membership <= 0.8.3 Reflected Cross-Site Scripting

The Konnichiwa! Membership WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the planid parameter in the /views/subscriptions.html.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.8.3...

Zomato: [www.zomato.com] Availing Zomato Gold membership for free by tampering plan id(s)

Summary: Get free zomato gold membership using zomato iOS app. Description: add more details about this vulnerability 1 Login to the zomato iOS application. 2 Select zomato gold from the home screen. 3 Depending on your location, you will see different gold pack options. 4 Select any gold pack. 5...

CVE-2012-4772

SQL injection vulnerability in register/ in Subrion CMS before 2.2.3 allows remote attackers to execute arbitrary SQL commands via the planid parameter...

Sql injection

SQL injection vulnerability in register/ in Subrion CMS before 2.2.3 allows remote attackers to execute arbitrary SQL commands via the planid parameter...

CVE-2006-1430

Multiple cross-site scripting XSS vulnerabilities in CONTROLzx HMS formerly DRZES 3.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 dedicatedPlanID parameter to dedicatedorder.php, 2 sharedPlanID parameter to sharedorder.php, 3 planid parameter to...

CVE-2006-1430

Multiple cross-site scripting XSS vulnerabilities in CONTROLzx HMS formerly DRZES 3.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 dedicatedPlanID parameter to dedicatedorder.php, 2 sharedPlanID parameter to sharedorder.php, 3 planid parameter to...