32 matches found
CVE-2026-4624
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack can be initiated...
SourceCodester Online Library Management System SQL注入漏洞
The SourceCodester Online Library Management System is an open-source online library management system developed by SourceCodester. Version 1.0 of the SourceCodester Online Library Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the...
FastAdmin SQL注入漏洞
FastAdmin is a set of web backend development framework based on ThinkPHP and Bootstrap by Karson's personal developer. FastAdmin 1.7.0.20250506 and earlier versions exist SQL injection vulnerability, the vulnerability stems from the application/common/controller/Backend.php file...
EUVD-2005-4482
Malware in sbrugna...
EUVD-2011-4590
Malware in sbrugna...
EUVD-2011-5010
Malware in sbrugna...
SUSE CVE-2016-2228
Cross-site scripting XSS vulnerability in horde/templates/topbar/menubar.html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter, as demonstrated by a request to...
CVE-2018-3882
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger...
Sql injection
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger...
CVE-2018-3882
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger...
PT-2018-16275
Name of the Vulnerable Software and Affected Versions ERPNext version 10.1.6 Description An exploitable SQL injection issue exists in the authenticated part of the software. Specially crafted web requests can cause SQL injections, resulting in data compromise. The searchfield parameter can be use...
Horde Groupware Cross-Site Scripting Vulnerability
Horde Groupware is email and communication solutions. A cross-site scripting vulnerability in Horde Groupware versions prior to 5.2.12 and Horde Groupware Webmail Edition versions prior to 5.2.12 allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter...
CVE-2016-2228
Cross-site scripting XSS vulnerability in horde/templates/topbar/menubar.html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter, as demonstrated by a request to...
DEBIAN-CVE-2016-2228
Cross-site scripting XSS vulnerability in horde/templates/topbar/menubar.html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter, as demonstrated by a request to...
UBUNTU-CVE-2016-2228
Cross-site scripting XSS vulnerability in horde/templates/topbar/menubar.html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter, as demonstrated by a request to...
CVE-2011-5109
Multiple SQL injection vulnerabilities in Freelancer calendar 1.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the SearchField parameter in a search action to 1 categorylist.php, 2 Copyofcalendarlist.php, 3 customerstatisticslist.php, 4 customerlist.php, and 5...
Sql injection
Multiple SQL injection vulnerabilities in Freelancer calendar 1.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the SearchField parameter in a search action to 1 categorylist.php, 2 Copyofcalendarlist.php, 3 customerstatisticslist.php, 4 customerlist.php, and 5...
Sql injection
Multiple SQL injection vulnerabilities in Blogs Manager 1.101 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to 1 authorslist.php, 2 blogslist.php, 3 categorylist.php, 4 commentslist.php, 5 policylist.php, 6 ratelist.php, 7...
CVE-2011-5109
Multiple SQL injection vulnerabilities in Freelancer calendar 1.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the SearchField parameter in a search action to 1 categorylist.php, 2 Copyofcalendarlist.php, 3 customerstatisticslist.php, 4 customerlist.php, and 5...
CVE-2011-5109
Multiple SQL injection vulnerabilities in Freelancer calendar 1.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the SearchField parameter in a search action to 1 categorylist.php, 2 Copyofcalendarlist.php, 3 customerstatisticslist.php, 4 customerlist.php, and 5...