
19 matches found

RedhatCVE
added 2025/11/11 2:13 a.m. · 6 views

CVE-2025-12926

A weakness has been identified in SourceCodester Farm Management System 1.0. The affected element is an unknown function of the file /review.php. This manipulation of the argument pid causes SQL injection. Remote exploitation of the attack is possible. The exploit has been made available to the...

CVSS 8.8 · AI score 6.4 · EPSS 0.0027
Exploits: 1 · References: 1

NVD
added 2025/11/10 3:15 a.m. · 6 views

CVE-2025-12926

A weakness has been identified in SourceCodester Farm Management System 1.0. The affected element is an unknown function of the file /review.php. This manipulation of the argument pid causes SQL injection. Remote exploitation of the attack is possible. The exploit has been made available to the...

CVSS 8.8 · EPSS 0.0027
Exploits: 1 · References: 5

EUVD
added 2025/11/10 2:02 a.m. · 6 views

EUVD-2025-38734

A weakness has been identified in SourceCodester Farm Management System 1.0. The affected element is an unknown function of the file /review.php. This manipulation of the argument pid causes SQL injection. Remote exploitation of the attack is possible. The exploit has been made available to the...

CVSS 6.5 · AI score 6.3 · EPSS 0.0027
Exploits: 1 · References: 6

EUVD
added 2025/10/07 12:30 a.m. · 8 views

EUVD-2005-0273

Malware in sbrugna...

CVSS 7.5 · AI score 6.4 · EPSS 0.02659
Exploits: 2 · References: 5

Positive Technologies
added 2025/08/31 12:00 a.m. · 5 views

PT-2025-35405

Name of the Vulnerable Software and Affected Versions: Campcodes Farm Management System version 1.0 Description: A security flaw has been discovered in Campcodes Farm Management System 1.0. The vulnerability affects an unknown functionality within the /review.php file. Manipulation of the pid...

CVSS 9.8 · AI score 7.3 · EPSS 0.00383
Exploits: 1 · References: 11

Positive Technologies
added 2023/02/26 12:00 a.m. · 3 views

PT-2023-16710 · Sourcecodester · Sourcecodester Simple Responsive Tourism Website

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Responsive Tourism Website version 1.0 Description: A problematic issue was found in the software, affecting the /tourism/rate review.php file. The manipulation of the id argument with malicious input, such as 1"alert111...

CVSS 6.1 · AI score 4.1 · EPSS 0.00536
Exploits: 1 · References: 4

OSV
added 2022/10/21 4:15 p.m. · 4 views

CVE-2022-42942

A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...

CVSS 7.8 · AI score 6
Exploits: 0 · References: 1

OSV
added 2022/10/21 4:15 p.m. · 4 views

CVE-2022-41310

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...

CVSS 7.8 · AI score 6 · EPSS 0.00365
Exploits: 0 · References: 1

Positive Technologies
added 2022/10/03 12:00 a.m. · 6 views

PT-2022-21892 · Autodesk · Designreview.Exe

Name of the Vulnerable Software and Affected Versions: DesignReview.exe affected versions not specified Description: A maliciously crafted PCT or DWF file can cause a memory corruption issue due to a read access violation when consumed through the DesignReview.exe application. This issue, when...

CVSS 7.8 · AI score 7.7 · EPSS 0.0041
Exploits: 0 · References: 2

CNVD
added 2017/08/25 12:00 a.m. · 3 views

Atlassian FishEye and Crucible Cross-Site Scripting Vulnerabilities

Atlassian FishEye and Crucible are both products of the Australian company Atlassian, FishEye is a suite of software for deep viewing of source code repositories and Crucible is a suite of code review tools. A cross-site scripting vulnerability exists in multiple repositories in Atlassian FishEye...

CVSS 5.4 · AI score 5.6 · EPSS 0.00826
Exploits: 0 · References: 1

CNVD
added 2017/08/25 12:00 a.m. · 4 views

Atlassian Crucible review file upload resource cross-site scripting vulnerability

Atlassian Crucible is a suite of code review tools from Atlassian Australia. The tool provides a review process for reviewing code, discussing changes, sharing knowledge, and identifying defects. review file upload resource is one of the upload file repositories. A cross-site scripting...

CVSS 5.4 · AI score 5.8 · EPSS 0.00818
Exploits: 0 · References: 1

OSV
added 2017/08/24 5:29 p.m. · 4 views

CVE-2017-9508

Various resources in Atlassian Fisheye and Crucible before version 4.4.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a repository or review file...

CVSS 5.4 · AI score 5.4 · EPSS 0.00826
Exploits: 0 · References: 2

Prion
added 2017/08/24 5:29 p.m. · 25 views

Cross site scripting

Various resources in Atlassian Fisheye and Crucible before version 4.4.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a repository or review file...

CVSS 3.5 · AI score 5.9 · EPSS 0.00826
Exploits: 0 · References: 2 · Affected Software: 2

NVD
added 2017/08/24 5:29 p.m. · 24 views

CVE-2017-9508

Various resources in Atlassian Fisheye and Crucible before version 4.4.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a repository or review file...

CVSS 5.4 · AI score 5.3 · EPSS 0.00826
Exploits: 0 · References: 2

OSV
added 2017/08/24 5:29 p.m. · 1 views

CVE-2017-9509

The review file upload resource in Atlassian Crucible before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the charset of a previously uploaded file...

CVSS 5.4 · AI score 5.4 · EPSS 0.00818
Exploits: 0 · References: 1

Vulnrichment
added 2017/08/24 5:00 p.m. · 12 views

CVE-2017-9508

Various resources in Atlassian Fisheye and Crucible before version 4.4.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a repository or review file...

AI score 5.5 · EPSS 0.00826
Exploits: 0 · References: 2

Atlassian
added 2017/07/17 7:46 a.m. · 45 views

Various XSS through a repository or review filename - CVE-2017-9508

Various resources in Atlassian FishEye and Crucible before version 4.4.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a repository or review file...

CVSS 5.4 · AI score 3.8 · EPSS 0.00826
Exploits: 0

0day.today
added 2016/02/20 12:00 a.m. · 35 views

SOLIDserver <= 5.0.4 - Local File Inclusion

Exploit for php platform in category web applications Title: SOLIDserver <=5.0.4 - Local File Inclusion Vulnerability Author: Saeed reza Zamanian penetrationtest @ Linkedin Product: SOLIDserver Tested Version: 5.0.4 and 4.0.2 Vendor: efficient IP http://www.efficientip.com Google Dork: SOLIDserve...

AI score 7.1
Exploits: 0

Positive Technologies
added 2007/10/01 12:00 a.m. · 3 views

PT-2007-6257 · Universibo · Universibo

Name of the Vulnerable Software and Affected Versions: UniversiBO version 1.3.4 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter in the htmls/forum/includes/topic review.php file. This is due to a remote file inclusion...

CVSS 6.8 · AI score 7.7 · EPSS 0.01216
Exploits: 1 · References: 4