PT-2026-32356

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL Injection in the file /rsms/admin/services/view service.php...

CVE-2025-50188

Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the GET value parameter with the following scripts: /plugin/vchamilo/views/syncparams.php and /plugin/vchamilo/ajax/service.php, which allows an...

CVE-2025-50188 Error-based SQL Injection in Chamilo LMS

Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the GET value parameter with the following scripts: /plugin/vchamilo/views/syncparams.php and /plugin/vchamilo/ajax/service.php, which allows an...

EUVD-2020-30099

Malware in sbrugna...

EUVD-2021-30439

Malicious code in bioql PyPI...

CVE-2021-43509

SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the id parameter in view-service.php...

CVE-2020-9270

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php...

CVE-2020-9271

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php...

Path traversal

A vulnerability, which was classified as problematic, has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this issue is the function delsndb of the file /application/index/controller/Service.php. The manipulation of the argument file leads to path traversal: '../filedir'. T...

Sichuan Yougou Technology KuERP Security Breach

Sichuan Yougou Technology KuERP is an e-commerce platform of Sichuan Yougou Technology, a Chinese company. A security vulnerability exists in Sichuan Yougou Technology KuERP version 1.0.4, which originates from a path traversal issue in the delsndb function in the file...

PT-2023-20380 · Sourcecodester · Sourcecodester Billing Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Billing Management System version 1.0 Description: A critical issue has been found in the SourceCodester Billing Management System, affecting an unknown functionality of the file ajax service.php of the component POST Parameter...

Cross-Site Scripting (XSS)

pimcore/pimcore is vulnerable to Cross-Site-Scripting XSS. The vulnerability exists in the generateLayoutTreeFromArray function in Service.php because the title field is not validated which allows an attacker to inject and execute arbitrary scripts...

CVE-2022-26588

A Cross-Site Request Forgery CSRF in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI...

CVE-2020-9270

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php...

CVE-2020-9271

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php...

CVE-2020-9270

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php...

CVE-2020-9271

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php...

Cross site request forgery (csrf)

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php...

Cross site request forgery (csrf)

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php...

CVE-2020-9270

CVE-2020-9270 affects Ice Hrm 26.2.0, where a Cross-Site Request Forgery (CSRF) vulnerability enables a password reset via the service.php endpoint. The available connected records confirm IceHrm 26.2.0 is the affected version and describe the flaw as CSRF leading to unintended password resets; n...