CVE-2025-11668 code-projects Automated Voting System update_user.php sql injection

A vulnerability was determined in code-projects Automated Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/updateuser.php. This manipulation of the argument Password causes sql injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-11611

A weakness has been identified in SourceCodester Simple Inventory System 1.0. Impacted is an unknown function of the file /user.php. This manipulation of the argument uemail causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public...

EUVD-2009-3562

Malware in sbrugna...

EUVD-2016-6187

Malware in sbrugna...

EUVD-2025-29355

Malicious code in bioql PyPI...

EUVD-2023-30984

Malicious code in bioql PyPI...

EUVD-2025-29151

Malicious code in bioql PyPI...

CVE-2025-10810 Campcodes Online Learning Management System edit_user.php sql injection

A vulnerability was detected in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/edituser.php. Performing manipulation of the argument firstname results in sql injection. The attack is possible to be carried out remotely. The exploit ...

PT-2025-38688

Name of the Vulnerable Software and Affected Versions Campcodes Grocery Sales and Inventory System version 1.0 Description A flaw exists in Campcodes Grocery Sales and Inventory System 1.0 that allows for remote SQL injection. The issue is located in the /manage user.php file, where manipulation ...

CVE-2025-10627

The CVE-2025-10627 entry concerns SourceCodester Online Exam Form Submission 1.0. A SQL injection vulnerability exists in the /admin/delete_user.php endpoint caused by manipulation of the ID parameter. The flaw can be exercised remotely, and exploits have been disclosed publicly. Multiple connect...

CVE-2025-10623 SourceCodester Hotel Reservation System deleteuser.php sql injection

A vulnerability was identified in SourceCodester Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteuser.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and...

CVE-2025-10595

A vulnerability has been found in SourceCodester Online Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/deleteuser.php. The manipulation of the argument userid leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-10595 SourceCodester Online Student File Management System delete_user.php sql injection

A vulnerability has been found in SourceCodester Online Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/deleteuser.php. The manipulation of the argument userid leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-10427

A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/operation/user.php. Executing manipulation of the argument websiteimage can lead to unrestricted upload. It is possible to launch the attack remotely. The...

PT-2025-37450

Name of the Vulnerable Software and Affected Versions: SourceCodester Pet Grooming Management Software version 1.0 Description: A weakness exists in SourceCodester Pet Grooming Management Software that allows for unrestricted file upload. The issue impacts an unknown function within the...

SourceCodester Online Student File Management SQL注入漏洞

SourceCodester Online Student File Management is a SourceCodester open source online student file management system. A SQL injection vulnerability exists in SourceCodester Online Student File Management version 1.0, which stems from an incorrect manipulation of the parameter firstname in the file...

CVE-2025-43756

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.15, 2025.Q2.0 through 2025.Q2.2 and 2024.Q1.13 through 2024.Q1.19 allows a remote authenticated user to inject JavaScript code via snippet parameter...

CVE-2025-8969 itsourcecode Online Tour and Travel Management System approve_user.php sql injection

A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/approveuser.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has be...

CVE-2025-6512

On a client with a non-admin user, a script can be integrated into a report. The reports could later be executed on the BRAIN2 server with administrator rights...

CVE-2023-5230

The TM WooCommerce Compare & Wishlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'tmwoowishlisttable' shortcode in versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...