CVE-2025-5004

A vulnerability was found in projectworlds Online Time Table Generator 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/addcourse.php. The manipulation of the argument c/subname leads to sql injection. The attack may be initiated remotely. The exploit...

Projectworlds Online Time Table Generator SQL注入漏洞

Projectworlds Online Time Table Generator is an online time table generator from Projectworlds India. Projectworlds Online Time Table Generator version 1.0 suffers from a SQL injection vulnerability that stems from improper handling of the parameter c/subname in the file /admin/addcourse.php, whi...

gymxmjpa 安全漏洞

gymxmjpa is a gym management system for liujianview individual developers. A security vulnerability exists in gymxmjpa version 1.0, which originates in the src/main/java/com/liujian/gymxmjpa/controller/SubjectController.java file, where the subname parameter in the SubjectDaoImpl function contain...

PT-2018-18247 · Z Blogphp · Z-Blogphp

Name of the Vulnerable Software and Affected Versions: Z-BlogPHP version 1.5.1.1740 Description: There is a reported issue in Z-BlogPHP where the cmd.php file is susceptible to XSS attacks via the ZC BLOG SUBNAME parameter or the ZC UPLOAD FILETYPE parameter. However, the software maintainer...