11 matches found
CVE-2025-63533
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and rprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript...
EUVD-2023-50282
Malicious code in bioql PyPI...
CVE-2025-9730 itsourcecode Apartment Management System updateProfile.php sql injection
A vulnerability was found in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /ajax/updateProfile.php. The manipulation of the argument userid results in SQL injection. It is possible to launch the attack remotely. The exploit has been made...
CVE-2025-9730
CVE-2025-9730 affects itsourcecode Apartment Management System 1.0. The vulnerability lies in an unknown function in /ajax/updateProfile.php where manipulating the user_id parameter leads to SQL injection. This can be exploited remotely and an exploit has been publicized. CVSS v3.1 base metrics i...
CVE-2025-9730 itsourcecode Apartment Management System updateProfile.php sql injection
A vulnerability was found in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /ajax/updateProfile.php. The manipulation of the argument userid results in SQL injection. It is possible to launch the attack remotely. The exploit has been made...
CVE-2025-3042
A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. This vulnerability affects unknown code of the file /student/updateprofile.php. The manipulation of the argument pic leads to unrestricted upload. The attack can be initiated remotely. The exploit...
CVE-2025-3042 Project Worlds Online Time Table Generator updateprofile.php unrestricted upload
A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. This vulnerability affects unknown code of the file /student/updateprofile.php. The manipulation of the argument pic leads to unrestricted upload. The attack can be initiated remotely. The exploit...
CVE-2024-10557
A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /file/updateprofile.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely...
CVE-2023-46020
Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters...
Exploit for Cross-site Scripting in Code-Projects Blood_Bank
CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-...
WikiWebHelp v0.3.3 CSRF attack to modify the password vulnerability - vulnerability warning - the black bar safety net
WikiWebHelp v0.3.3 CMS contains a CSRF (cross-site request forgery) vulnerability that lets a remote attacker modify the user password. Exp: form name="CSRF" method="post" action=" http://127.0.0.1/wwh/handlers/updateprofile.php?id=1" input type='hidden' name='pass' value='password' input type='hidden'...