EUVD-2025-29813

Malicious code in bioql PyPI...

EUVD-2025-27101

Malicious code in bioql PyPI...

CVE-2025-10617

A weakness has been identified in SourceCodester Online Polling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/positions.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been made...

CVE-2025-10617

A weakness has been identified in SourceCodester Online Polling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/positions.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been made...

CVE-2025-10617 SourceCodester Online Polling System positions.php sql injection

A weakness has been identified in SourceCodester Online Polling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/positions.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been made...

CVE-2025-10077

A security vulnerability has been detected in SourceCodester Online Polling System 1.0. This impacts an unknown function of the file /registeracc.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and m...

CVE-2025-10078 SourceCodester Online Polling System candidates.php sql injection

A vulnerability was detected in SourceCodester Online Polling System 1.0. Affected is an unknown function of the file /admin/candidates.php. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be use...

CVE-2025-10077

CVE-2025-10077 affects SourceCodester Online Polling System 1.0; vulnerable in /registeracc.php via manipulations of the email parameter, enabling SQL injection. Exploitation may be remote and has been publicly disclosed. Remediation guidance in related PTSecurity advisory suggests restricting ac...

CVE-2025-10075

A security flaw has been discovered in SourceCodester Online Polling System 1.0. The impacted element is an unknown function of the file /manage-profile.php. The manipulation of the argument firstname results in cross site scripting. The attack can be launched remotely. The exploit has been...

CVE-2025-10076 SourceCodester Online Polling System manage-profile.php sql injection

A weakness has been identified in SourceCodester Online Polling System 1.0. This affects an unknown function of the file /manage-profile.php. This manipulation of the argument email causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and...

CVE-2025-10076 SourceCodester Online Polling System manage-profile.php sql injection

A weakness has been identified in SourceCodester Online Polling System 1.0. This affects an unknown function of the file /manage-profile.php. This manipulation of the argument email causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and...

CVE-2025-10075

SourceCodester Online Polling System 1.0 contains a cross-site scripting (XSS) flaw in /manage-profile.php triggered by manipulating the firstname parameter. The vulnerability can be exploited remotely and exploits have been released publicly. Multiple sources (NVD, Red Hat, CNNVD, PT-Security, a...

PT-2025-36425

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Polling System version 1.0 Description: A security issue exists in SourceCodester Online Polling System 1.0. Manipulation of the email argument in the /registeracc.php file may lead to SQL injection. The attack can be...

CVE-2025-9699

A vulnerability was detected in SourceCodester Online Polling System Code 1.0. This vulnerability affects unknown code of the file /admin/checklogin.php. The manipulation of the argument myusername results in sql injection. The attack may be performed from a remote location. The exploit is now...