84 matches found

RedhatCVE
added 2026/01/09 9:17 a.m. · 1 views

CVE-2025-14144

The Mstoic Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'start' parameter of the ms_youtube_embeds shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVSS 6.4 · AI score 5.1 · EPSS 0.00052
Exploits: 0 · References: 1

Positive Technologies
added 2026/01/07 12:0 a.m. · 2 views

PT-2026-1631

Name of the Vulnerable Software and Affected Versions: Mstoic Shortcodes plugin for WordPress versions prior to 2.1. Description: The Mstoic Shortcodes plugin for WordPress is susceptible to Stored Cross-Site Scripting. This occurs through the start parameter of the ms_youtube_embeds shortcode due t...

CVSS 6.4 · AI score 6 · EPSS 0.00052
Exploits: 0 · References: 5

Snyk
added 2025/10/17 11:42 p.m. · 3 views

SQL Injection

Overview: Affected versions of this package are vulnerable to SQL Injection via the start and end request parameters in CargoExport.php. An attacker can execute arbitrary SQL commands by submitting crafted input to the affected endpoint. Remediation: Upgrade mediawiki/cargo to version 3.8.4 or...

CVSS 8.8 · AI score 8.5 · EPSS 0.00027
Exploits: 0 · References: 2

Vulnrichment
added 2025/10/09 8:32 p.m. · 3 views

CVE-2025-11555 Campcodes Online Learning Management System calendar_of_events.php sql injection

A vulnerability was detected in Campcodes Online Learning Management System 1.0. This affects an unknown part of the file /admin/calendar_of_events.php. The manipulation of the argument datestart results in SQL injection. The attack may be launched remotely. The exploit is now public and may be use...

CVSS 7.5 · AI score 6.8 · EPSS 0.00042
Exploits: 1 · References: 5

CNNVD
added 2025/10/09 12:0 a.m. · 3 views

CampCodes Online Learning Management System Security Vulnerability

CampCodes Online Learning Management System is an online learning management system from CampCodes Philippines, Inc. A security vulnerability exists in CampCodes Online Learning Management System version 1.0, which stems from an incorrect manipulation of the parameter datestart in the file...

CVSS 9.8 · AI score 7.8 · EPSS 0.00042
Exploits: 1 · References: 6

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2017-3651

Malware in sbrugna...

CVSS 9.8 · AI score 9.2 · EPSS 0.03102
Exploits: 0 · References: 9

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2012-5774

Malware in sbrugna...

CVSS 7.5 · AI score 6.4 · EPSS 0.02489
Exploits: 1 · References: 8

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2006-6823

Malware in sbrugna...

CVSS 10 · AI score 6.1 · EPSS 0.00431
Exploits: 0 · References: 7

CNNVD
added 2025/10/05 12:0 a.m. · 4 views

Belkin F9K1015 Security Vulnerability

Belkin F9K1015 is a WiFi signal extender from Belkin Canada. A security vulnerability exists in the Belkin F9K1015 version 1.00.10, which stems from incorrect manipulation of the parameter pinCode in the file /goform/formWpsStart, which could result in a buffer overflow...

CVSS 9 · AI score 9 · EPSS 0.00189
Exploits: 1 · References: 5

Debian CVE
added 2025/08/30 1:45 p.m. · 3 views

CVE-2005-10004

Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute...

CVSS 8.8 · AI score 6.2 · EPSS 0.5798
Exploits: 1

Positive Technologies
added 2025/08/30 12:0 a.m. · 2 views

PT-2025-35362

Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 0.8.6-d. Description: Cacti versions prior to 0.8.6-d contain a remote command execution issue in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, whi...

CVSS 8.8 · AI score 7.3 · EPSS 0.5798
Exploits: 1 · References: 16

CNVD
added 2025/06/27 12:0 a.m. · 2 views

Online Hotel Reservation System order.php File SQL Injection Vulnerability

Online Hotel Reservation System is a simple online hotel reservation system. Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Start in the file /reservation/order.php. The...

CVSS 9.8 · AI score 7.8 · EPSS 0.00204
Exploits: 1 · References: 1

CNVD
added 2025/06/27 12:0 a.m. · 2 views

Online Hotel Reservation System demo.php File SQL Injection Vulnerability

Online Hotel Reservation System is a simple online hotel reservation system. Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Start in the file /reservation/demo.php. The...

CVSS 9.8 · AI score 7.8 · EPSS 0.00204
Exploits: 1 · References: 1

RedHat Linux
added 2025/06/25 12:46 a.m. · 0 views

kernel: block: fix overflow in blk_ioctl_discard()

In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blk_ioctl_discard. There is no check for overflow of 'start + len' in blk_ioctl_discard. Hung task occurs if submit an discard ioctl with the following param: start = 0x80000000000ff000, len = 0x8000000000fff000...

CVSS 5.5 · AI score 6.8 · EPSS 0.00009
Exploits: 0 · References: 5

OSV
added 2025/06/22 4:15 a.m. · 0 views

CVE-2025-6457

A vulnerability, which was classified as critical, was found in code-projects Online Hotel Reservation System 1.0. This affects an unknown part of the file /reservation/demo.php. The manipulation of the argument Start leads to sql injection. It is possible to initiate the attack remotely. The...

CVSS 9.8 · AI score 5.7
Exploits: 0 · References: 5

OSV
added 2025/06/22 4:15 a.m. · 0 views

CVE-2025-6456

A vulnerability, which was classified as critical, has been found in code-projects Online Hotel Reservation System 1.0. Affected by this issue is some unknown functionality of the file /reservation/order.php. The manipulation of the argument Start leads to sql injection. The attack may be launche...

CVSS 9.8 · AI score 5.7 · EPSS 0.00204
Exploits: 1 · References: 5

CNNVD
added 2025/06/22 12:0 a.m. · 1 views

Code-Projects Simple Online Hotel Reservation System Security Vulnerability

Online Hotel Reservation System is a simple online hotel reservation system. Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Start in the file /reservation/demo.php. The...

CVSS 9.8 · AI score 7.2 · EPSS 0.00204
Exploits: 1 · References: 2

CNNVD
added 2025/06/22 12:0 a.m. · 1 views

Code-Projects Simple Online Hotel Reservation System Injection Vulnerability

Online Hotel Reservation System is a simple online hotel reservation system. Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Start in the file /reservation/order.php. The...

CVSS 9.8 · AI score 7.2 · EPSS 0.00204
Exploits: 1 · References: 6

VulnCheck KEV
added 2025/06/08 12:0 a.m. · 1 views

VulnCheck KEV: CVE-2021-24498

The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page via php/edit.php, leading to a reflected Cross-Site Scripting issue...

CVSS 6.1 · AI score 5.8 · EPSS 0.25481
Exploits: 2 · References: 1

Positive Technologies
added 2024/11/14 12:0 a.m. · 3 views

PT-2024-34428 · Unknown · Kashipara E-Learning Management System Project

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System Project version 1.0. Description: A SQL Injection issue was found in the /admin/calendar_of_events.php page of the kashipara E-learning Management System Project. The vulnerability is exploitable via the...

CVSS 7.2 · AI score 7.8 · EPSS 0.00144
Exploits: 1 · References: 5