Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix OOB read If the index provided by the user is larger than the mask size, we might perform an out-of-bound read...

itsourcecode Online Enrollment System SQL注入漏洞

itsourcecode Online Enrollment System is an open-source online registration system developed by itsourcecode. Version 1.0 of the itsourcecode Online Enrollment System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “Name” in the file...

CVE-2026-2073

A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/user/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclos...

CVE-2026-2073

A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/user/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclos...

CVE-2026-2073

A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/user/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclos...

CVE-2026-2073

A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/user/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclos...

PT-2026-6874

Name of the Vulnerable Software and Affected Versions itsourcecode School Management System version 1.0 Description A flaw exists in itsourcecode School Management System 1.0 that allows for SQL injection. This occurs through manipulation of the ID argument within the file...

EUVD-2025-197749

A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has be...

E-Commerce Website user_index_search.php File SQL Injection Vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /pages/userindexsearch.php. An attacker can exploit this vulnerability to...

CVE-2025-11558

A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public a...

EUVD-2025-33554

A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public a...

CVE-2025-11558

A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public a...

CVE-2025-11558 code-projects E-Commerce Website user_index_search.php sql injection

A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public a...

CVE-2025-11558

CVE-2025-11558 affects code-projects E-Commerce Website 1.0, specifically the /pages/user_index_search.php file where the Search parameter can be manipulated to trigger SQL injection. Multiple connected sources (CNVD-2025-23975, RH:CVE-2025-11558, CNNVD-202510-1254, NVD/CVE-2025-11558, CVELIST) d...

Code-Projects E-Commerce Website SQL注入漏洞

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /pages/userindexsearch.php. An attacker can exploit this vulnerability to...

EUVD-2022-5272

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-9435

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php searchsupervisor and searchstatut parameters. CVE-2017-9435 Note that Nessus...

CVE-2022-45037

A cross-site scripting XSS vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field...

CVE-2017-9435

Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php searchsupervisor and searchstatut parameters...

CVE-2025-2687

A vulnerability classified as critical has been found in PHPGurukul eLearning System 1.0. Affected is an unknown function of the file /user/index.php of the component Image Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...