EUVD-2025-25018

Malicious code in bioql PyPI...

CVE-2025-9051

A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

CVE-2025-9051

A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

CVE-2025-9051 projectworlds Travel Management System updatecategory.php sql injection

A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

CVE-2025-9051 projectworlds Travel Management System updatecategory.php sql injection

A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

PT-2025-33483 · Projectworlds · Travel Management System

Name of the Vulnerable Software and Affected Versions: ProjectWorlds Travel Management System version 1.0 Description: A vulnerability exists in ProjectWorlds Travel Management System 1.0 related to SQL injection. The issue affects an unknown functionality within the /updatecategory.php file...

Projectworlds Travel management System 安全漏洞

Projectworlds Travel management System is a travel management system from Projectworlds India. A security vulnerability exists in Projectworlds Travel management System version 1.0, which is caused by SQL injection due to improper handling of parameter t1 in file /updatecategory.php...

Cross-site Scripting (XSS)

thorsten/phpmyfaq is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to improper sanitization in the updatecategory parameter, which allows an attacker to inject and execute malicious JavaScript...

GHSA-M9QM-M5W5-9PGJ thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via updatecategory parameter

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting XSS because it fails to sanitize user input in the updatecategory parameter. This has been fixed in 3.1.12...

thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via updatecategory parameter

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting XSS because it fails to sanitize user input in the updatecategory parameter. This has been fixed in 3.1.12...

Stored XSS @ updatecategory

Description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Proof of Concept Code That has a Vulnerability: // Updates an existing category if $action === 'updatecategory' &&...