EUVD-2023-34450

Malicious code in bioql PyPI...

CVE-2012-10047 Cyclope Employee Surveillance Solution v6.x SQL Injection

Cyclope Employee Surveillance Solution versions 6.x are vulnerable to a SQL injection flaw in its login mechanism. The username parameter in the auth-login POST request is not properly sanitized, allowing attackers to inject arbitrary SQL statements. This can be leveraged to write and execute a...

CVE-2025-29094

Cross Site Scripting vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbitrary code via the Marketing/Forms, Marketing/Offers and Content/Pages components...

CVE-2024-37049

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the followin...

CVE-2024-48580

SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the email parameter of the login request...

CVE-2022-34120

Barangay Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via the module editing function at /pages/activity/activity.php...

CVE-2020-28070

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in viewevent.php via the 'id' parameter...

CVE-2025-46193

SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via Arbitrary file upload in userproposalupdateorder.php...

CVE-2025-46193

Summary: CVE-2025-46193 affects SourceCodester Client Database Management System 1.0 and enables remote code execution via an arbitrary file upload in the vulnerable file path user_proposal_update_order.php. The CVSS v3.1 score is 9.8 (CRITICAL) with network attack vector, no privileges required,...

CVE-2025-45020

A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter in a POST request...

CVE-2025-28011

CVE-2025-28011 affects PHPGurukul’s User Registration & Login and User Management System v3.3. The vulnerability is in loginsystem/change-password.php where the currentpassword POST parameter is mishandled, enabling a SQL injection that can allow remote attackers to execute arbitrary code. The do...

CVE-2024-57686

A Cross Site Scripting XSS vulnerability was found in /landrecordsys/admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the "pagetitle" parameter...

CVE-2022-21960

Windows Resilient File System ReFS Remote Code Execution Vulnerability...

N-Central Remote Support Manager 14.2.7.171 File Read / Code Execution

, , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. N-central Remote Support Manager Multiple Vulnerabilities Affected Versions: Verified in Version 14.2.7.171 PDF:...