11 matches found
EUVD-2023-34882
Malicious code in bioql PyPI...
CVE-2025-9107 Portabilis i-Diario search_autocomplete cross site scripting
A vulnerability was determined in Portabilis i-Diario up to 1.5.0. This impacts an unknown function of the file /alunos/searchautocomplete. Executing manipulation of the argument q can lead to cross site scripting. The attack may be performed from a remote location. The exploit has been publicly...
CVE-2025-6409 PHPGurukul Art Gallery Management System forgot-password.php sql injection
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1 and classified as critical. This issue affects some unknown processing of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit...
CVE-2025-3241
A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0. This affects an unknown part of the file src/main/java/com/ukefu/webim/web/handler/admin/callcenter/CallCenterRouterController.java of the component XML Document Handler. The manipulation of the...
UBUNTU-CVE-2024-20981
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Annke Network Video Recorder
1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Annke Equipment: N48PBB NVR Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a stack-based buffer overflow, which could allow an...
Traidnt UP 2.0 - Remote SQL Injection Exploit
No description provided by source. #!/usr/bin/ruby Traidnt UP v2.0 Exploit SQL Injection Vulnerability Date: 05-08-2009 Discovered & written by: Jafer Al-Zidjali Email: jaferatscorpionds.com Website:...
99ko <= 0.4b Multiple (CSRF/XSRF) Vulnerabilities
Exploit for php platform in category web applications...
bloofox 0.3 - SQL Injection / File Disclosure
WwW.BugReport.ir AmnPardaz Security Research Team Title: Bloofox CMS Vulnerabilities Vendor: http://www.bloofox.com Bugs: SQL Injection Authentication bypass, Source code disclosure Vulnerable Version: 0.3 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! -...
CoreNews 2.0.1 - 'userid' SQL Injection
!/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=24 Usage: corenews.pl use IO::Socket; if@ARGV != 2 usage; else exploit; sub header print "\n- NukedX Security Advisory...
ZyXEL10 OF ZyWALL Series Router Cross Site Scripting Vulnerability
Device: ZyXEL10 OF ZyWALL Series Router Software: RomPager/4.07 UPnP/1.0 Vendor: http://www.zyxel.com Versions: 4.07 Platforms: Windows Bug: Cross Site Scripting Vulnerability Risk: Low Exploitation: Remote with browser Date: 6 Jan 2004 Author: Rafel Ivgi, The-Insider e-mail: [email protected]...