CVE-2023-53930

ProjectSend r1605 contains an insecure direct object reference vulnerability that allows unauthenticated attackers to download private files by manipulating the download ID parameter. Attackers can access any user's private files by changing the 'id' parameter in the download request to process.p...

CVE-2025-12326

A vulnerability was found in shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. This vulnerability affects unknown code of the file /process.php of the component POST Request Handler. The manipulation of the argument un results in sql injection. The attack can be launched remotely...

CVE-2025-12326 shawon100 RUET OJ POST Request process.php sql injection

A vulnerability was found in shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. This vulnerability affects unknown code of the file /process.php of the component POST Request Handler. The manipulation of the argument un results in sql injection. The attack can be launched remotely...

EUVD-2020-20668

Malware in sbrugna...

EUVD-2005-3850

Malware in sbrugna...

EUVD-2011-4744

Malware in sbrugna...

EUVD-2022-53346

Malicious code in bioql PyPI...

CVE-2025-9739

A vulnerability has been found in Campcodes Online Water Billing System 1.0. Affected by this issue is some unknown functionality of the file /process.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-9739

A vulnerability has been found in Campcodes Online Water Billing System 1.0. Affected by this issue is some unknown functionality of the file /process.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2024-37849

A SQL Injection vulnerability in itsourcecode Billing System 1.0 allows a local attacker to execute arbitrary code in process.php via the username parameter...

CVE-2022-32056

Online Accreditation Management v1.0 was discovered to contain a SQL injection vulnerability via the USERNAME parameter at process.php...

CVE-2022-24992

A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal...

CVE-2020-28183

SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the username and password parameters to process.php...

CVE-2025-0294

CVE-2025-0294 affects SourceCodester Home Clean Services Management System 1.0. The vulnerability is in the file /public_html/admin/process.php where manipulation of the parameters tipo/length/business leads to SQL injection . It is exploitable remotely and, per sources, the exploit has been publ...

CVE-2024-8471 SQL injection vulnerability in Job Portal

Cross-Site Scripting XSS vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through JOBID and USERNAME parameters in /jobportal/process.php...

CVE-2024-7658

A vulnerability, which was classified as problematic, has been found in projectsend up to r1605. This issue affects the function getpreview of the file process.php. The manipulation leads to improper control of resource identifiers. The attack may be initiated remotely. Upgrading to version r1720...

CVE-2024-7658

A vulnerability, which was classified as problematic, has been found in projectsend up to r1605. This issue affects the function getpreview of the file process.php. The manipulation leads to improper control of resource identifiers. The attack may be initiated remotely. Upgrading to version r1720...

CVE-2024-7658 projectsend process.php get_preview resource injection

A vulnerability, which was classified as problematic, has been found in projectsend up to r1605. This issue affects the function getpreview of the file process.php. The manipulation leads to improper control of resource identifiers. The attack may be initiated remotely. Upgrading to version r1720...

CVE-2024-7658 projectsend process.php get_preview resource injection

A vulnerability, which was classified as problematic, has been found in projectsend up to r1605. This issue affects the function getpreview of the file process.php. The manipulation leads to improper control of resource identifiers. The attack may be initiated remotely. Upgrading to version r1720...

CVE-2024-7658

ProjectSend (up to r1605) has a vulnerability in the get_preview function of process.php that allows improper control of resource identifiers, potentially exploitable remotely. Multiple sources (NVD, Red Hat, osv.dev, CVE listings, PT Security) consistently describe this as a resource-ID manipula...