CVE-2024-25182

givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php...

CVE-2024-25182

givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php...

CVE-2024-25182

givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php...

VvvebJs 安全漏洞

VvvebJs is a drag-and-drop website generator from Givan Personal Developers. A security vulnerability exists in VvvebJs version 1.7.2, which stems from the filegetcontents function in the save.php file mishandling user-supplied URLs, which could lead to server-side request forgery and arbitrary...

VvvebJs 安全漏洞

VvvebJs is a drag-and-drop website generator by Givan Personal Developers. A security vulnerability exists in VvvebJs version 1.7.2, which stems from a file upload vulnerability in save.php...

CVE-2024-25181

A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery SSRF and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "filegetcontents" function within the "save.php" file...

CVE-2024-25181

CVE-2024-25181 affects givanz VvvebJs 1.7.2. The issue stems from improper handling of user-supplied URLs in the file_get_contents call in save.php, enabling Server-Side Request Forgery (SSRF) and arbitrary file reading. The CVSSv3.1 base score is 9.1 (CRITICAL) with NETWORK_VECTOR, LOW attack co...

PT-2025-53784

Name of the Vulnerable Software and Affected Versions givanz VvvebJs version 1.7.2 Description A critical issue exists in givanz VvvebJs version 1.7.2 that permits Server-Side Request Forgery SSRF and arbitrary file reading. This is due to improper handling of user-supplied URLs within the file g...

CVE-2025-65094

WBCE CMS is a content management system. Prior to version 1.6.4, a low-privileged user in WBCE CMS can escalate their privileges to the Administrators group by manipulating the groups parameter in the /admin/users/save.php request. The UI restricts users to assigning only their existing group, bu...

EUVD-2018-18091

Malware in sbrugna...

EUVD-2020-11585

Malware in sbrugna...

EUVD-2020-11584

Malware in sbrugna...

EUVD-2006-4563

Malware in sbrugna...

CVE-2021-32104

A SQL injection vulnerability exists with user privileges in interface/forms/eyemag/save.php in OpenEMR 5.0.2.1...

CVE-2020-19682

A Cross Site Request Forgery CSRF vulnerability exits in ZZZCMS V1.7.1 via the saveuser funciton in save.php...

PT-2025-15108 · Unknown · Codeprojects Online Restaurant Management System

Name of the Vulnerable Software and Affected Versions: codeprojects Online Restaurant Management System version 1.0 Description: A critical vulnerability has been found in the codeprojects Online Restaurant Management System. The issue affects an unknown function of the file /admin/user save.php...

PT-2024-31193 · Unknown · Itsourcecode Alton Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Alton Management System version 1.0 Description: The issue is related to SQL Injection in the /noncombo save.php endpoint via the menu parameter. This allows for potential exploitation. Recommendations: For itsourcecode Alton...

PT-2024-38355 · Unknown · Itsourcecode Ticket Reservation System

Name of the Vulnerable Software and Affected Versions: itsourcecode Ticket Reservation System version 1.0 Description: A critical issue has been found in the itsourcecode Ticket Reservation System, affecting some unknown functionality of the file checkout ticket save.php. The manipulation of the...

CVE-2024-5116

A vulnerability, which was classified as critical, has been found in SourceCodester Online Examination System 1.0. Affected by this issue is some unknown functionality of the file save.php. The manipulation of the argument vote leads to sql injection. The attack may be launched remotely. The...

CVE-2024-5116 SourceCodester Online Examination System save.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Online Examination System 1.0. Affected by this issue is some unknown functionality of the file save.php. The manipulation of the argument vote leads to sql injection. The attack may be launched remotely. The...