13 matches found
CVE-2025-60938
Emoncms 11.7.3 has a remote code execution vulnerability in the firmware upload feature that allows authenticated users to execute arbitrary commands on the target system. The vulnerability stems from insufficient input validation of user-controlled parameters including filename, port, baudrate,...
Emoncms Security Vulnerability
Emoncms is an open source web application from Emoncms Open Source. The program is primarily used to process, record and display energy, temperature and other environmental data. A security vulnerability exists in Emoncms version 11.7.3, which stems from insufficient input validation of the...
CVE-2025-3134
A vulnerability classified as critical has been found in code-projects Payroll Management System 1.0. This affects an unknown part of the file /addovertime.php. The manipulation of the argument rate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
Code-Projects Payroll Management System Injection Vulnerability
Code-Projects Payroll Management System is an open source payroll management system from Code-Projects. An injection vulnerability exists in Code-Projects Payroll Management System version 1.0, which stems from an incorrect manipulation of the parameter rate that can lead to SQL injection...
Code-Projects Payroll Management System Security Vulnerability
Code-Projects Payroll Management System is an open source payroll management system from Code-Projects. A security vulnerability exists in Code-Projects Payroll Management System version 1.0, which stems from an incorrect manipulation of the parameter salaryrate that can lead to SQL injection...
Fake Magazine Cover Script SQL Injection Vulnerability
Fake Magazine Cover Script is a script for creating magazine cover websites. Fake Magazine Cover Script suffers from a SQL injection vulnerability. An attacker can perform SQL injection via the rate.php value parameter or the content.php id parameter...
CVE-2017-15987
Fake Magazine Cover Script allows SQL Injection via the rate.php value parameter or the content.php id parameter...
Piwigo rate parameter SQL Injection
SQL injection vulnerability in include/functionsrate.inc.php. Vulnerability Type: SQL Injection. For the exploit source code contact DSquare Security sales team...
CVE-2014-9115
SQL injection vulnerability in the ratepicture function in include/functionsrate.inc.php in Piwigo before 2.5.5, 2.6.x before 2.6.4, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary SQL commands via the rate parameter to picture.php, related to an improper data type in a...
Piwigo 'rate' Parameter SQLi Vulnerability
Piwigo is prone to an SQL injection (SQLi) vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:piwigo:piwigo";...
Classifieds Script - 'rate' SQL Injection
I'm L0rd CrusAd3r member from Inj3ct0r Team. Author: L0rd CrusAd3r aka VSN. Exploit Title: Classifieds SQL Injection. Vendor url: http://getaphpsite.com. Version: 1. Price: 20$. Published: 2010-06-22...
Cross site scripting
Cross-site scripting (XSS) vulnerability in planetluc RateMe 1.3.3 allows remote attackers to inject arbitrary web script or HTML via the rate parameter in a submit rate action...