CVE-2026-33736

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user including ROLESTUDENT can enumerate all platform users and access personal information email, phone, roles via GET /api/users, including administrator accounts. This vulnerability is fixed in 2.0.0-RC.3...

PT-2025-53858

Name of the Vulnerable Software and Affected Versions CloudPanel Community Edition versions up to 2.5.1 Description A security issue exists in CloudPanel Community Edition. The problem involves an open redirect through manipulation of the Referer argument within an unknown function of the...

EUVD-2002-2341

Malware in sbrugna...

EUVD-2004-0963

Malware in sbrugna...

EUVD-2002-0467

Malware in sbrugna...

CVE-2025-11040

A vulnerability was detected in code-projects Hostel Management System 1.0. Affected by this issue is some unknown functionality of the file /justines/admin/modusers/index.php?view=view. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit...

CVE-2025-11040

A vulnerability was detected in code-projects Hostel Management System 1.0. Affected by this issue is some unknown functionality of the file /justines/admin/modusers/index.php?view=view. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit...

CVE-2024-42776

Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users.php...

SourceCodester Aplaya Beach Resort Online Reservation System SQL注入漏洞

Aplaya Beach Resort Online Reservation System is the online room reservation system for Aplaya Beach Resort. A SQL injection vulnerability exists in version 1.0 of the SourceCodester Aplaya Beach Resort Online Reservation System due to an SQL injection in the name parameter of the...

CVE-2023-7140

A vulnerability was found in code-projects Client Details System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be...

CVE-2022-45931

A SQL injection issue was discovered in AAA in OpenDaylight ODL before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java deleteUser function is affected when the API interface /auth/v1/users/ is used...

Rdiffweb 安全漏洞

Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. Provides quick access to your archives through an efficient web interface. A denial of service vulnerability exists in Rdiffweb versions prior to 2.4.8, which stems from a lack of length validation of the root...

CVE-2022-36270

Clinic's Patient Management System v1.0 has arbitrary code execution via url: ip/pms/users.php...

CVE-2018-9147

Cross-site scripting XSS vulnerabilities in version 7.5.7 of Gespage software allow remote attackers to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to webapp/users/userreg.jsp...