229 matches found
PT-2025-49097
Name of the Vulnerable Software and Affected Versions EduplusCampus version 3.0.1 Description An Insecure Direct Object Reference IDOR exists in the Student Payment API. Authenticated users can access other students’ personal and financial records by manipulating the rec no parameter within the...
CVE-2025-61148
CVE-2025-61148 describes an Insecure Direct Object Reference (IDOR) in EduplusCampus 3.0.1, specifically the Student Payment API. An authenticated user can access other students’ personal and financial records by altering the rec_no parameter in the /student/get-receipt endpoint. The issue is roo...
📄 EduplusCampus 3.0.1 Insecure Direct Object Reference
A critical insecure direct object reference vulnerability was identified in the EduplusCampus student portal version 3.0.1. This vulnerability allows an authenticated user to access the sensitive personal and financial records of other students by modifying the recno parameter in the API request...
CVE-2025-13410
A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and...
CVE-2025-13410
A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and...
CVE-2025-13410
A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and...
CVE-2025-13410 Campcodes Retro Basketball Shoes Online Store receipt.php sql injection
A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and...
CVE-2025-13410 Campcodes Retro Basketball Shoes Online Store receipt.php sql injection
A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and...
CVE-2025-13410
CVE-2025-13410 affects Campcodes Retro Basketball Shoes Online Store 1.0. The vulnerable component is the file /admin/receipt.php , where an attacker can manipulate the tid argument to trigger a SQL injection. This is described as a remote, publicly disclosed vulnerability with exploitation detai...
CampCodes Retro Basketball Shoes Online Store SQL注入漏洞
CampCodes Retro Basketball Shoes Online Store is an online store for retro basketball shoes from CampCodes, Inc. A SQL injection vulnerability exists in CampCodes Retro Basketball Shoes Online Store version 1.0, which stems from incorrect manipulation of the parameter tid in the file...
PT-2025-47529
Name of the Vulnerable Software and Affected Versions Campcodes Retro Basketball Shoes Online Store version 1.0 Description A SQL injection issue exists in Campcodes Retro Basketball Shoes Online Store version 1.0. The issue is related to the manipulation of the tid argument in the...
Faking Receipts with AI
Over the past few decades, it's become easier and easier to create fake receipts. Decades ago, it required special paper and printers--I remember a company in the UK advertising its services to people trying to cover up their affairs. Then, receipts became computerized, and faking them required...
EUVD-2022-52459
Malicious code in bioql PyPI...
EUVD-2024-51471
Malicious code in bioql PyPI...
EUVD-2024-50422
Malicious code in bioql PyPI...
CVE-2025-9701
CVE-2025-9701 affects SourceCodester Simple Cafe Billing System 1.0. The vulnerability is a SQL injection in the file /receipt.php, caused by manipulation of the ID parameter, enabling remote exploitation. Multiple linked sources (NVD, Red Hat, CVE lists, and security notes) confirm remote attack...
SourceCodester Simple Cafe Billing System 安全漏洞
SourceCodester Simple Cafe Billing System is an open source cafe billing system from SourceCodester. A security vulnerability exists in SourceCodester Simple Cafe Billing System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter ID in the file...
CVE-2025-7536
A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pages/receiptcredit.php. The manipulation of the argument sid leads to sql injection. The attack may be launched remotely. The...
CampCodes Sales and Inventory System 注入漏洞
CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in CampCodes Sales and Inventory System version 1.0, which stems from SQL injection due to incorrect manipulation of the parameter sid in the file /pages/receiptcredit.php...
Complete Insurance Agency Management System
Campcodes Complete Sales and Inventory System V1.0 /pages/rece...