247 matches found
CVE-2026-6584 TransformerOptimus SuperAGI User Update Endpoint user.py update_user authorization
A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function updateuser of the file superagi/controllers/user.py of the component User Update Endpoint. The manipulation of the argument userid results in authorization bypass. The attack may be...
EUVD-2026-21224
A security flaw has been discovered in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /crud.php. The manipulation of the argument userId results in sql injection. The attack may be performed from remote. The exploit has been released to the...
CVE-2019-25486 Varient 1.6.1 SQL Injection via user_id Parameter
Varient 1.6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the userid parameter. Attackers can submit POST requests with crafted SQL payloads in the userid field to bypass authentication and extract...
CVE-2026-3761
SourceCodester Client Database Management System 1.0 contains a flaw in the /superadmin_user_delete.php endpoint where manipulating the user_id parameter leads to improper authorization. The issue can be exploited remotely and the exploit has been published. Affects the described component; CVSS ...
CVE-2025-14210
A security vulnerability has been detected in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /deletemember.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed...
EUVD-2025-201655
A security vulnerability has been detected in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /deletemember.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed...
CVE-2025-14210 projectworlds Advanced Library Management System delete_member.php sql injection
A security vulnerability has been detected in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /deletemember.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed...
CVE-2025-14210 projectworlds Advanced Library Management System delete_member.php sql injection
A security vulnerability has been detected in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /deletemember.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed...
EUVD-2007-1893
Malware in sbrugna...
EUVD-2005-3912
Malware in sbrugna...
EUVD-2014-2997
Malware in sbrugna...
EUVD-2006-1847
Malware in sbrugna...
EUVD-2009-3340
Malware in sbrugna...
EUVD-2014-5407
Malware in sbrugna...
EUVD-2009-4900
Malware in sbrugna...
EUVD-2010-4988
Malware in sbrugna...
EUVD-2009-0116
Malware in sbrugna...
EUVD-2006-5812
Malware in sbrugna...
EUVD-2009-3428
Malware in sbrugna...
EUVD-2015-1577
Malware in sbrugna...