CVE-2025-14258 itsourcecode Student Management System newsubject.php sql injection

A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newsubject.php. The manipulation of the argument sub leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed t...

CVE-2024-44630

Multiple parameters in register.php in PHPGurukul Student Record System 3.20 are vulnerable to SQL injection. These include: c-full, fname, mname,lname, gname, ocp, nation, mobno, email, board1, roll1, pyear1, board2, roll2, pyear2, sub1,marks1, sub2, course-short, income, category, ph, country,...

Ecommerce-CodeIgniter-Bootstrap Cross-Site Scripting Vulnerability

Ecommerce-CodeIgniter-Bootstrap is a responsive, multi-vendor, multi-language online store platform shopping cart solution. Ecommerce-CodeIgniter-Bootstrap suffers from a cross-site scripting vulnerability that stems from cross-site scripting vulnerabilities in the searchtitle, catName, sub, name...

PT-2024-36536 · WordPress · Wp Staging Pro

Name of the Vulnerable Software and Affected Versions: WP STAGING Pro WordPress Backup Plugin versions up to, and including, 5.6.0 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the sub parameter. This allows unauthenticated attacke...

CVE-2019-14858

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

DEBIAN-CVE-2019-14858

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

PYSEC-2019-171

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

CVE-2010-1462

Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter...

Directory traversal

Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter...

CVE-2008-0861

Cross-site scripting XSS vulnerability in leg/Main.nsf in IBM Lotus Quickplace 7.0 allows remote attackers to inject arbitrary web script or HTML via an hSearchString sub-parameter in the PreSetFields parameter of an EditDocument action...