50 matches found
SQL Injection
nukeviet/nukeviet is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of the listid parameter in detail.php and the groupprice or groupid parameters in searchresult.php, which allows an attacker to execute malicious SQL queries through crafted input...
EUVD-2017-8806
Malware in sbrugna...
EUVD-2022-4525
Malicious code in bioql PyPI...
CVE-2025-10603 PHPGurukul Online Discussion Forum search_result.php sql injection
A vulnerability was determined in PHPGurukul Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /admin/adminforum/searchresult.php. Executing manipulation of the argument Search can lead to sql injection. The attack can be launched remotely. The exploit...
CVE-2025-0299
A vulnerability classified as critical has been found in code-projects Online Book Shop 1.0. Affected is an unknown function of the file /searchresult.php. The manipulation of the argument s leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to th...
CVE-2025-0299 code-projects Online Book Shop search_result.php sql injection
A vulnerability classified as critical has been found in code-projects Online Book Shop 1.0. Affected is an unknown function of the file /searchresult.php. The manipulation of the argument s leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to th...
CVE-2025-0299 code-projects Online Book Shop search_result.php sql injection
A vulnerability classified as critical has been found in code-projects Online Book Shop 1.0. Affected is an unknown function of the file /searchresult.php. The manipulation of the argument s leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to th...
Sourcecodesterk Doctor Appointment System SQL Injection Vulnerability
Sourcecodesterk Doctor Appointment System is an open source application from Sourcecodesterk. Provides an appointment function. Sourcecodesterk Doctor Appointment System version 1.0 contains a SQL injection vulnerability, which stems from the program does not adequately filter the searchresult.ph...
Sql injection
SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the 1 listid parameter in detail.php and the 2 groupprice or groupid parameters in searchresult.php...
CVE-2020-21809
SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the 1 listid parameter in detail.php and the 2 groupprice or groupid parameters in searchresult.php...
CVE-2020-21809
Summary: CVE-2020-21809 is a SQL Injection vulnerability in the NukeViet CMS module Shops affecting versions 4.0.29 and 4.3, exploitable via improper handling of input parameters (listid in detail.php; group_price or groupid in search_result.php). The vulnerability is documented with high/critica...
Doctor Appointment System 1.0 Blind SQL Injection Vulnerability
Exploit Title: Doctor Appointment System 1.0 Blind SQL injection in email parameter CVE: CVE-2021-27319 Exploit Author: Nakul Ratti Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html Software Link:...
CVE-2021-27124
SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...
Sql injection
SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...
CVE-2021-27124
SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...
CVE-2021-27124
Doctor Appointment System 1.0 is affected by an SQL injection in the expertise parameter of search_result.php. The vulnerability arises from insufficient input validation, allowing an authenticated patient user to execute arbitrary SQL and dump database credentials, implying potential data leakag...
topole.com.tw XSS vulnerability
Open Bug Bounty ID: OBB-547833 Description| Value ---|--- Affected Website:| topole.com.tw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
sweet-family.com.tw XSS vulnerability
Open Bug Bounty ID: OBB-546967 Description| Value ---|--- Affected Website:| sweet-family.com.tw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
countess.com.tw XSS vulnerability
Open Bug Bounty ID: OBB-546820 Description| Value ---|--- Affected Website:| countess.com.tw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
chinabest.com.tw XSS vulnerability
Open Bug Bounty ID: OBB-545862 Description| Value ---|--- Affected Website:| chinabest.com.tw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...