EUVD-2025-209441

Improper input handling in /Grocery/searchproductsitname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitemname POST parameter...

CVE-2025-63939

Improper input handling in /Grocery/searchproductsitname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitemname POST parameter...

CVE-2025-63939

Improper input handling in /Grocery/searchproductsitname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitemname POST parameter...

CVE-2018-25203

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

CVE-2018-25203

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

CVE-2018-25203 Online Store System CMS 1.0 SQL Injection via clientaccess

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

CVE-2018-25203

CVE-2018-25203 affects Online Store System CMS 1.0. The vulnerability is an SQL injection in the email field of index.php when action=clientaccess is supplied, allowing unauthenticated attackers to influence database queries and extract sensitive information via boolean-based blind or time-based ...

PT-2026-28240

Name of the Vulnerable Software and Affected Versions Online Store System CMS version 1.0 Description An SQL injection allows unauthenticated attackers to manipulate database queries. This is achieved by sending POST requests to the 'index.php' endpoint with the action parameter set to...

OpenSolution Quick.Cart 安全漏洞

OpenSolution Quick.Cart is an online store system developed by the Polish company OpenSolution. Version 6.7 of OpenSolution Quick.Cart contains a security vulnerability, which stems from storing user passwords in plaintext. This vulnerability could allow privileged attackers to access user...

OpenSolution Quick.Cart 授权问题漏洞

OpenSolution Quick.Cart is an online store system developed by the Polish company OpenSolution. Version 6.7 of OpenSolution Quick.Cart contains an authorization vulnerability. This vulnerability stems from the fact that session identifiers can be set before authentication and remain unchanged...

CVE-2025-63891

Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to disclose full database contents including schema and credential hashes via an unauthenticated HTTP GET request to /obs/database/obsdb.sql...

SourceCodester Simple Online Book Store System 安全漏洞

SourceCodester Simple Online Book Store System is a SourceCodester open source simple online bookstore system. A security vulnerability exists in SourceCodester Simple Online Book Store System, which originates from an unauthenticated HTTP GET request to access a database backup file, potentially...

EUVD-2020-20619

Malware in sbrugna...

EUVD-2024-27937

Malicious code in bioql PyPI...

EUVD-2024-47937

Malicious code in bioql PyPI...

EUVD-2022-35012

Malicious code in bioql PyPI...

Medical Store Management System ChangePassword.java SQL Injection Vulnerability

Medical Store Management System is a pharmacy management system. The Medical Store Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter newPassTxt in the file ChangePassword.java. An attacker can...

Medical Store Management System MainPanel.java File SQL Injection Vulnerability

Medical Store Management System is a pharmacy management system. Medical Store Management System has a SQL injection vulnerability that originates from improper filtering of searchTxt parameters in the MainPanel.java file, which can be exploited by an attacker to obtain sensitive information...

CVE-2025-8930

A vulnerability was found in code-projects Medical Store Management System 1.0. This issue affects some unknown processing of the file UpdateCompany.java of the component Update Company Page. The manipulation of the argument companyNameTxt leads to sql injection. The attack may be initiated...

CVE-2025-8931

A vulnerability was determined in code-projects Medical Store Management System 1.0. Affected is an unknown function of the file ChangePassword.java. The manipulation of the argument newPassTxt leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to...