13 matches found
EUVD-2025-26366
Malicious code in bioql PyPI...
CVE-2025-9802
A vulnerability was detected in RemoteClinic 2.0. This vulnerability affects unknown code of the file /staff/profile.php. The manipulation of the argument ID results in SQL injection. The attack can be executed remotely...
CVE-2025-9802
A vulnerability was detected in RemoteClinic 2.0. This vulnerability affects unknown code of the file /staff/profile.php. The manipulation of the argument ID results in SQL injection. The attack can be executed remotely...
RemoteClinic Security Vulnerability
RemoteClinic is an open-source clinic management system from RemoteClinic. A security vulnerability exists in RemoteClinic version 2.0, which stems from a SQL injection due to incorrect manipulation of the parameter ID in the file /staff/profile.php...
CVE-2025-9802 RemoteClinic profile.php sql injection
A vulnerability was detected in RemoteClinic 2.0. This vulnerability affects unknown code of the file /staff/profile.php. The manipulation of the argument ID results in SQL injection. The attack can be executed remotely...
CVE-2025-9802
CVE-2025-9802 affects RemoteClinic 2.0, with a SQL injection in the /staff/profile.php file caused by manipulating the ID parameter. The vulnerability can be exploited remotely. Multiple sources corroborate the issue and specify the affected component as RemoteClinic 2.0, with the injection affec...
CVE-2025-9775
A vulnerability was found in RemoteClinic up to 2.0. Impacted is an unknown function of the file /staff/edit-my-profile.php. The manipulation of the argument image results in unrestricted upload. The attack may be launched remotely. The exploit has been made public and could be used...
CVE-2025-9775
A vulnerability was found in RemoteClinic up to 2.0. Impacted is an unknown function of the file /staff/edit-my-profile.php. The manipulation of the argument image results in unrestricted upload. The attack may be launched remotely. The exploit has been made public and could be used...
PT-2025-35517
Name of the Vulnerable Software and Affected Versions: RemoteClinic version 2.0 Description: A SQL injection issue exists in RemoteClinic 2.0 due to the manipulation of the ID argument in the /staff/profile.php file. The attack can be executed remotely. Recommendations: At the moment, there is no...
NamelessMC Security Vulnerability
NamelessMC is free, easy-to-use and powerful website software for your Minecraft server from the NamelessMC team, which contains tons of features. A security vulnerability previously existed in NamelessMC version 2.1.3, which stemmed from the ability for administrators to add functionality tha...
Wedding Hall Booking System Cross-Site Scripting Vulnerability
Wedding Hall Booking System is a simple PHP-based wedding hall booking system by the individual developer Carlo Montero. A cross-site scripting vulnerability exists in SourceCodester Wedding Hall Booking System, which stems from an unknown portion of the Staff User Profile code in its...
CVE-2021-39416
Multiple Cross Site Scripting (XSS) vulnerabilities exist in Remote Clinic v2.0 in (1) patients/register-patient.php via the (a) Contact, (b) Email, (c) Weight, (d) Profession, (e) refcontact, (f) address, (g) gender, (h) age, and (i) serial parameters; in (2) patients/edit-patient.php via the (a) Contact, (b) Email, (c)...
Square: XSS on bookfresh
Hi, Xss is triggered on https://www.bookfresh.com/cindex.php/profile/edit/cs/staffmember Payload: %22onmouseover%3Dprompt%281%29%20mik%22 Steps to reproduce Create a new staff and put our payload on the name of the staff. Refresh the page Edit the staff and mouseover to the name of the staff and...