CVE-2025-10813 code-projects Hostel Management System index.php sql injection

A vulnerability was found in code-projects Hostel Management System 1.0. Affected is an unknown function of the file /justines/admin/modreports/index.php. The manipulation of the argument Home results in sql injection. It is possible to launch the attack remotely. The exploit has been made public...

CVE-2025-55522

Cross-site scripting XSS vulnerability in the component /common/reports of Akaunting v3.1.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter...

CVE-2024-33966

SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'xtsearch' in...

CVE-2024-29873

SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/reports/businessunits/format/html, 'bunitname' parameter. The exploitation of this vulnerability could allow a remote user to send a specially crafted query to the server and extract all the data from it...

Pentest-Collaboration-Framework 代码注入漏洞

Pentest-Collaboration-Framework is an open source, cross-platform and portable toolkit. It is used to automate daily processes when performing various testing tasks. A security vulnerability exists in Pentest-Collaboration-Framework version v1.0.8, which stems from a server-side template injectio...

Quest Policy Authority For Unified Communications Cross-Site Scripting Vulnerability

Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data text and instant messaging, videoconferencing, email and voicemail between various media. A cross-site scripting vulnerabili...