AMTT Hotel Broadband Operation System 注入漏洞

AMTT Hotel Broadband Operation System is a hotel broadband operation system developed by AMTT Corporation. Version 1.0 of the AMTT Hotel Broadband Operation System contains a injection vulnerability. This vulnerability arises from the operation of unknown functions on parameters ID in the file...

CVE-2019-25687

Pegasus CMS 1.0 is affected by a remote code execution vulnerability in the extra_fields.php plugin. The flaw arises from unsafe eval usage, allowing unauthenticated attackers to send malicious PHP code via the action parameter in POST requests to submit.php, achieving code execution and an inter...

CVE-2025-13675

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101.2.1. This is due to the 'paypal-submit.php' file not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrato...

CVE-2025-13675 Tiger <= 101.2.1 - Unauthenticated Privilege Escalation

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101.2.1. This is due to the 'paypal-submit.php' file not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrato...

CVE-2025-13675 Tiger <= 101.2.1 - Unauthenticated Privilege Escalation

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101.2.1. This is due to the 'paypal-submit.php' file not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrato...

CVE-2025-12215

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

PT-2025-43875

Name of the Vulnerable Software and Affected Versions projectworlds Online Shopping System version 1.0 Description A flaw has been identified in projectworlds Online Shopping System 1.0. The issue involves a potential SQL injection affecting an unknown function within the /login submit.php file...

PT-2024-16475 · Unknown · Code-Projects University Event Management System

Name of the Vulnerable Software and Affected Versions: code-projects University Event Management System version 1.0 Description: A critical issue has been found in the code-projects University Event Management System, affecting the file submit.php. The manipulation of the arguments name, email,...

PT-2024-15444 · Unknown · Kashipara Food Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Food Management System version 1.0 Description: A vulnerability was found in the processing of the file party submit.php, where the manipulation of the party address argument leads to cross-site scripting. The attack may be initiate...

Kashipara Food Management System SQL注入漏洞

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by the lack of validation of the partyname parameter of the partysubmit.php file against external SQL input, and can b...

PT-2024-15448 · Unknown · Kashipara Food Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Food Management System version 1.0 Description: A critical vulnerability has been found in the Kashipara Food Management System. This issue affects an unknown part of the file rawstock used damaged submit.php. The manipulation of th...

CVE-2018-19550

Interspire Email Marketer through 6.1.6 allows arbitrary file upload via a surveyssubmit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a admin/temp/surveys/ URI...