11 matches found
EUVD-2025-25018
Malicious code in bioql PyPI...
CVE-2025-9051
A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...
CVE-2025-9051
A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...
CVE-2025-9051 projectworlds Travel Management System updatecategory.php sql injection
A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...
CVE-2025-9051 projectworlds Travel Management System updatecategory.php sql injection
A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...
Projectworlds Travel management System 安全漏洞
Projectworlds Travel management System is a travel management system from Projectworlds India. A security vulnerability exists in Projectworlds Travel management System version 1.0, which is caused by SQL injection due to improper handling of parameter t1 in file /updatecategory.php...
PT-2025-33483 · Projectworlds · Travel Management System
Name of the Vulnerable Software and Affected Versions: ProjectWorlds Travel Management System version 1.0 Description: A vulnerability exists in ProjectWorlds Travel Management System 1.0 related to SQL injection. The issue affects an unknown functionality within the /updatecategory.php file...
Cross-site Scripting (XSS)
thorsten/phpmyfaq is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to improper sanitization in the updatecategory parameter, which allows an attacker to inject and execute malicious JavaScript...
thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via updatecategory parameter
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting XSS because it fails to sanitize user input in the updatecategory parameter. This has been fixed in 3.1.12...
GHSA-M9QM-M5W5-9PGJ thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via updatecategory parameter
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting XSS because it fails to sanitize user input in the updatecategory parameter. This has been fixed in 3.1.12...
Stored XSS @ updatecategory
Description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Proof of Concept Code That has a Vulnerability: // Updates an existing category if $action === 'updatecategory' &&...