CVE-2026-3839

Unraid Authentication Request Path Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Unraid. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVE-2018-12272

xowl/request.php in Ximdex 4.0 has XSS via the content parameter...

CVE-2025-14223

CVE-2025-14223 affects Code-Projects Simple Leave Manager 1.0, with a vulnerability in the /request.php file. The issue arises from manipulation of the staff_id parameter, enabling SQL injection. Multiple connected sources confirm remote exploitation potential and public disclosure of the exploit...

CVE-2025-14223 code-projects Simple Leave Manager request.php sql injection

A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation of the argument staffid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...

EUVD-2017-18913

Malware in sbrugna...

CVE-2017-20195

A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The manipulation of the argument phone leads to sql injection. This product does not use versioning. Thi...

CVE-2025-4080 PHPGurukul Online Nurse Hiring System view-request.php sql injection

A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/view-request.php. The manipulation of the argument viewid leads to sql injection. The attack can be launched...

CVE-2025-4080 PHPGurukul Online Nurse Hiring System view-request.php sql injection

A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/view-request.php. The manipulation of the argument viewid leads to sql injection. The attack can be launched...

CVE-2024-10605

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /file/request.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2017-20195

A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The manipulation of the argument phone leads to sql injection. This product does not use versioning. Thi...

CVE-2017-20195

A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The manipulation of the argument phone leads to sql injection. This product does not use versioning. Thi...

CVE-2017-20195 LUNAD3v AreaLoad request.php sql injection

A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The manipulation of the argument phone leads to sql injection. This product does not use versioning. Thi...

CVE-2017-20195 LUNAD3v AreaLoad request.php sql injection

A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The manipulation of the argument phone leads to sql injection. This product does not use versioning. Thi...

CVE-2017-20195

CVE-2017-20195 affects LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. The vulnerability is an SQL injection caused by manipulated the argument phone in the file request.php. Affected version is not fully versioned in the provided docs, but multiple sources consistently cite the ...

CVE-2024-7303

A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /request.php of the component Send Blood Request Page. The manipulation of the argument Address/bloodgroup leads to cross sit...

PT-2024-38250 · Unknown · Itsourcecode Online Blood Bank Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Blood Bank Management System version 1.0 Description: A problem was found in the processing of the file /request.php of the component Send Blood Request Page. The manipulation of the argument Address/bloodgroup leads to...

Gleez Cms Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability in Gleez Cms 1.2.0, allows remote attackers to execute arbitrary code and obtain sensitive information via modules/gleez/classes/request.php...

PT-2024-10905 · Gleez Cms · Gleez Cms

Name of the Vulnerable Software and Affected Versions: Gleez Cms version 1.2.0 Description: The issue allows remote attackers to execute arbitrary code and obtain sensitive information via modules/gleez/classes/request.php. This is a Server Side Request Forgery SSRF vulnerability. Recommendations...

CVE-2023-37744

Maid Hiring Management System v1.0 is affected by a cross-site scripting (XSS) vulnerability in the /admin/search-booking-request.php component. The issue is documented across multiple sources and is not tied to any other version beyond v1.0 in the provided documents. The exact root cause details...

Cross-Site Request Forgery (CSRF)

craftcms/cms is vulnerable to cross-site request forgery. The vulnerability exists because the CRAFTCSRFTOKEN cookie in Request.php gets improperly encoded, allowing an attacker to disclose the password hash through the HTML hidden field...