CVE-2026-33991 WeGIA has SQL Injection in deletar_tag.php

WeGIA is a web manager for charitable institutions. Prior to version 3.6.7, the file html/socio/sistema/deletartag.php uses extract$REQUEST on line 14 and directly concatenates the $idtag variable into SQL queries on lines 16-17 without prepared statements or sanitization. Version 3.6.7 patches t...

CVE-2020-12708

Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the catid parameter to downloads/downloads.php or article.php. NOTE: this might overlap CVE-2012-6043...

EUVD-2018-13190

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-9640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exifprocessSOFn...

Mageia: Security Advisory (MGASA-2025-0059)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

wordcraft 跨站脚本漏洞

wordcraft is an application by the individual developer of capnsquarepants. A cross-site scripting vulnerability exists in wordcraft, which stems from an unknown function in tag.php that could lead to cross-site scripting...

PolyPager 1.0rc10 - 'FCKeditor' Arbitrary File Upload

Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail : submitatinj3ct0r.com 1 0 0 1 1 0 I'm eidelweiss member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Vendor:...

Vikingboard 0.2 Beta - 'task' Local File Inclusion

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl Vikingboard = 0.2 Beta Local File Inclusion Vulnerability Script: "Vikingboard is a PHP-based discussion forum..." Script site:...

CJG EXPLORER PRO 3.2 - 'g_pcltar_lib_dir' Remote File Inclusion

S==A==U==D==I CJG EXPLORER PRO v3.2 pcltar.lib.phppcltrace.lib.php Remote File Include Vulnerabilities Found By : Mogatil , [email protected] Script Site : http://www.zascom.com/download/PHP/1868-CEP-PHP.ZIP File : /pcltar.lib.php include$gpcltarlibdir."/pclerror.lib.php"; File : /pcltrace.lib.php...

w-Agora Multiple Script Traversal Arbitrary File Access

The remote host is running w-agora, a web-based forum application written in PHP. The remote version of this software is prone to directory traversal attacks. A remote attacker could send specially crafted URL to read arbitrary files from the remote system with the privileges of the web server...

code injection in gallery

Hi! Code injection in gallery ------------------------------------- What is gallery? The Gallery is actually the best web gallery application around in the world. I'm using it too ;-. Go to http://gallery.sf.net/ to get further information and download this very cool app. remote include problems...