EUVD-2025-36142

A weakness has been identified in code-projects Online Event Judging System 1.0. This vulnerability affects unknown code of the file /editcontestant.php. Executing manipulation of the argument contestantid can lead to sql injection. The attack can be executed remotely. The exploit has been made...

CVE-2025-12224 Iqbolshoh php-business-website contact.php cross site scripting

A flaw has been found in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This vulnerability affects unknown code of the file admin/contact.php. This manipulation of the argument twitter causes cross site scripting. The attack may be initiated remotely. The exploit h...

EUVD-2025-36057

A security flaw has been discovered in ajayrandhawa User-Management-PHP-MYSQL web up to fedcf58797bf2791591606f7b61fdad99ad8bff1. This vulnerability affects unknown code. Performing manipulation results in cross-site request forgery. The attack can be initiated remotely. The exploit has been...

User-Management-PHP-MYSQL 安全漏洞

User-Management-PHP-MYSQL is a secure user management system by Ajay Randhawa Individual Developer. A security vulnerability exists in User-Management-PHP-MYSQL that stems from mishandling of unknown code and could lead to cross-site request forgery attacks...

PT-2025-44045

Name of the Vulnerable Software and Affected Versions shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5 Description A SQL injection issue exists in the POST Request Handler component of shawon100 RUET OJ. The issue is located in the file /process.php and is triggered by manipulatin...

CVE-2025-11938 ChurchCRM setup.php deserialization

A vulnerability was found in ChurchCRM up to 5.18.0. This vulnerability affects unknown code of the file setup/routes/setup.php. Performing a manipulation of the argument DBPASSWORD/ROOTPATH/URL results in deserialization. The attack may be initiated remotely. The attack's complexity is rated as...

PT-2025-41640

Name of the Vulnerable Software and Affected Versions CodeAstro Gym Management System version 1.0 Description A flaw exists in CodeAstro Gym Management System 1.0. The issue is related to SQL injection within the file /admin/actions/delete-equipment.php. Manipulation of the ID argument can trigge...

CVE-2025-11405 SourceCodester Hotel and Lodge Management System del_tax.php sql injection

A vulnerability was identified in SourceCodester Hotel and Lodge Management System 1.0. This vulnerability affects unknown code of the file /deltax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...

EUVD-2019-5297

Malware in sbrugna...

CVE-2025-11318

A security flaw has been discovered in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This vulnerability affects unknown code of the file uploadWxFile.do. The manipulation of the argument File results in unrestricted upload. The attack may be performed from remote. The exploit...

EUVD-2024-50791

Malicious code in bioql PyPI...

EUVD-2025-29118

Malicious code in bioql PyPI...

EUVD-2025-24064

Malicious code in bioql PyPI...

EUVD-2025-24652

Malicious code in bioql PyPI...

EUVD-2025-26624

Malicious code in bioql PyPI...

EUVD-2025-31416

Malicious code in bioql PyPI...

EUVD-2025-26171

Malicious code in bioql PyPI...

EUVD-2025-27089

Malicious code in bioql PyPI...

EUVD-2025-24937

Malicious code in bioql PyPI...

EUVD-2025-25875

Malicious code in bioql PyPI...