FantasticLBP Hotels Server SQL注入漏洞

FantasticLBP Hotels Server is a backend management system for hotel reservation system. FantasticLBP Hotels Server has a SQL injection vulnerability, the vulnerability stems from the incorrect operation of the parameter subjectId/cityName in the file controller/api/hotelList.php, which may lead t...

EUVD-2025-32489

A vulnerability was detected in zhuimengshaonian wisdom-education up to 1.0.4. The affected element is an unknown function of the file src/main/java/com/education/api/controller/student/WrongBookController.java. Performing manipulation of the argument subjectId results in authorization bypass. Th...

EUVD-2025-31441

Malicious code in bioql PyPI...

CVE-2025-11080 zhuimengshaonian wisdom-education ExamInfoController.java selectStudentExamInfoList improper authorization

A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. This vulnerability affects the function selectStudentExamInfoList of the file src/main/java/com/education/api/controller/student/ExamInfoController.java. Such manipulation of the argument subjectId leads ...

wisdom-education 授权问题漏洞

wisdom-education is a cloud intelligence education platform by zhuimengshaonian individual developer. There is an authorization issue vulnerability in wisdom-education 1.0.4 and earlier versions, which originates from the function in the file...

CVE-2012-4238

Cross-site scripting XSS vulnerability in admin/code/tceeditanswer.php in TCExam before 11.3.008 allows remote authenticated users with level 5 or greater permissions to inject arbitrary web script or HTML via the questionsubjectid parameter...

PT-2012-5159 · Pbboard · Pbboard

Name of the Vulnerable Software and Affected Versions: PBBoard version 2.1.4 Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via several parameters, including the username parameter to the "send page", the email parameter to the "forget page"...