EUVD-2025-203261

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2025-13121 cameasy Liketea API Endpoint StoreController.php list sql injection

A security vulnerability has been detected in cameasy Liketea 1.0.0. Impacted is the function list of the file laravel/app/Http/Controllers/Front/StoreController.php of the component API Endpoint. Such manipulation of the argument lng/lat leads to sql injection. The attack may be performed from...

CVE-2025-11664 Campcodes Online Beauty Parlor Management System search-appointment.php sql injection

A security vulnerability has been detected in Campcodes Online Beauty Parlor Management System 1.0. The impacted element is an unknown function of the file /admin/search-appointment.php. Such manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The...

EUVD-2025-11370

Malicious code in bioql PyPI...

EUVD-2025-5552

Malicious code in bioql PyPI...

EUVD-2025-15043

Malicious code in bioql PyPI...

EUVD-2024-33824

Malicious code in bioql PyPI...

PT-2025-35401

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.10 Description: A cross-site scripting issue exists in Portabilis i-Educar. The manipulation of the descricao argument within the /intranet/educar tipo ocorrencia disciplinar cad.php file can lead to...

CVE-2025-9423 Campcodes Online Water Billing System editecex.php sql injection

A vulnerability was determined in Campcodes Online Water Billing System 1.0. Affected is an unknown function of the file /editecex.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be...

CVE-2025-8367 Portabilis i-Educar funcionario_vinculo_lst.php cross site scripting

A vulnerability classified as problematic has been found in Portabilis i-Educar 2.9. This affects an unknown part of the file /intranet/funcionariovinculolst.php. The manipulation of the argument nome leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-3003

A vulnerability, which was classified as critical, was found in ESAFENET CDG 3. Affected is an unknown function of the file /CDGServer3/UserAjax. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2024-10610 ESAFENET CDG ProtocolService.java delProtocol sql injection

A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function delProtocol of the file /com/esafenet/servlet/system/ProtocolService.java. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The...

CVE-2024-10596 ESAFENET CDG EncryptPolicyTypeService.java delEntryptPolicySort sql injection

A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue is the function delEntryptPolicySort of the file /com/esafenet/servlet/system/EncryptPolicyTypeService.java. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVE-2024-9001 TOTOLINK T10 cstecgi.cgi setTracerouteCfg os command injection

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injection. The attack can be initiated remotely. The...

CVE-2024-8228 Tenda O5 setMacFilterList fromSafeSetMacFilter stack-based overflow

A vulnerability was found in Tenda O5 1.0.0.85017. It has been classified as critical. This affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer overflow. It is possible to initiate the attack...

CVE-2024-8112 thinkgem JeeSite Cookie login cross site scripting

A vulnerability was found in thinkgem JeeSite 5.3. It has been rated as problematic. This issue affects some unknown processing of the file /js/a/login of the component Cookie Handler. The manipulation of the argument skinName leads to cross site scripting. The attack may be initiated remotely. T...

CVE-2024-2497 RaspAP raspap-webgui HTTP POST Request provider.php code injection

A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiate...

ICONICS GENESIS64 DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

byTolinet Agencia <= Remote (conexion.php) Disclosure Exploit

Exploit for php platform in category web applications byTolinet Agencia Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KnocKout member from Inj3ct0r Team 1 1 0...