CVE-2025-7601

A vulnerability has been found in PHPGurukul Online Library Management System 3.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/student-history.php. The manipulation of the argument stdid leads to cross site scripting. The attack can be initiated...

RSI Queue Management System 安全漏洞

RSI Queue Management System is an intelligent queue management system for the retail, healthcare or service industry from RSI Queue. A security vulnerability exists in RSI Queue Management System version v3.0 that stems from improper handling of the TaskID parameter, which could lead to an...

Information disclosure

An issue was discovered in EXCELLENT INFOTEK CORPORATION EIC E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/getuseremailinfobbs.asp to obtain the contact information name and e-mail address of everyone in the entire organization. This information can allow remote attackers to...

CVE-2021-34683

An issue was discovered in EXCELLENT INFOTEK CORPORATION EIC E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/getuseremailinfobbs.asp to obtain the contact information name and e-mail address of everyone in the entire organization. This information can allow remote attackers to...

Time And Expense Management System 3.0 Cross Site Request Forgery

Exploit Title: Time and Expense Management System 3.0 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-10-17 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.initechs.com/ Software Link: http://sourceforge.net/projects/tems/files/latest Version: 3.0 Category: Webapps Tested on:...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security SiteProtector System

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Security SiteProtector System. These issues were disclosed as part of the IBM Java SDK updates in Apr 2017. Vulnerability Details CVEID: CVE-2017-3539 DESCRIPTION: An unspecified vulnerability relat...

CVE-2017-17876

Biometric Shift Employee Management System 3.0 is affected. The vulnerability lets remote attackers bypass file-read restrictions via a user=download request with a pathname in the path parameter, enabling local file disclosure. This is corroborated by CNVD/NVD entries and Exploit-DB references (...

CVE-2015-0162

IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges...

Online Invoice System 3.0 - SQL Injection

Online Invoice System 3.0 - SQL Injection Exploit Title: Online Invoice System 3.0 - SQL Injection Dork: N/A Date: 07.09.2017 Vendor Homepage: http://www.onlineinvoicesystem.com/ Software Link: http://www.onlineinvoicesystem.com/indexv3.html Demo:...

MMA Spartan System 3.0 Free - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application MMA Spartan System 3.0 Free published at the 'play' market has multiple vulnerabilities...

Network odd CWMS enterprise website Management System 3. 0 editor vulnerability-vulnerability warning-the black bar safety net

Network odd CWMS enterprise website Management System 3. 0 vulnerability google: the Powered by wqCWMS 3.0 Default account password: wangqi wagnqi I can't find anything else that gets the account password the way. Into the background, add article, see the editor Then browse the server myself, fck...

Super Mod System 3.0 - 's' SQL Injection

---------------------------------------------------------------------------------------------------- Name : Super Mod System 3.1 5 Site : http://www.classified-software.co.uk/ Demo : http://www.classified-software.co.uk/super-mod-system-v3/...

Power System Of Article Management 3.0 - File Disclosure Cross-Site Scripting

Power System Of Article Management 3.0 - File Disclosure Cross-Site Scripting --------------------------------------------------------- Portal Name: Power System Of Article Management Version : 3.0 Author : PouyaServer , [email protected] Vulnerability : DD/XSS...

CVE-2008-1838

The connected data shows a related CVE (CVE-2008-6526) describing a SQL injection in BosDev BosClassifieds: index.php via the cat_id parameter, a vector different from CVE-2008-1838’s cat parameter. This confirms that BosClassifieds 3.0 stores user-supplied input in a way exploitable through SQL,...

CVE-2008-1224

Cross-site scripting XSS vulnerability in account.php in BosClassifieds Classified Ads System 3.0 allows remote attackers to inject arbitrary web script or HTML via the returnTo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2006-0919

CVE-2006-0919 describes an SQL injection in Oi! Email Marketing System 3.0 (Oi! 3) login flow (index.php) that allows remote attackers to execute arbitrary SQL commands through the Username and Password fields. The vulnerability arises in the login page handling of user input, enabling partial/co...