CVE-2026-5668

A flaw has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown part of the file /admin/Add%20notice/add%20notice.php. This manipulation of the argument $SERVER'PHPSELF' causes cross site scripting. It is possible to initiate th...

CVE-2025-13004

Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables.This issue affects E-Commerce Package: through 27112025...

CVE-2024-41956

Soft Serve is a self-hostable Git server for the command line. Prior to 0.7.5, it is possible for a user who can commit files to a repository hosted by Soft Serve to execute arbitrary code via environment manipulation and Git. The issue is that Soft Serve passes all environment variables given by...

phppgadmin contains an incorrect access control vulnerability

phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of session variables by accepting user-controlled parameters 'subject', 'server', 'database', 'queryid' without proper validation or access...

CVE-2025-10929 Reverse Proxy Header - Less critical - Access bypass - SA-CONTRIB-2025-111

Improper Validation of Consistency within Input vulnerability in Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables.This issue affects Reverse Proxy Header: from 0.0.0 before 1.1.2...

EUVD-2006-3792

Malware in sbrugna...

EUVD-2002-1996

Malware in sbrugna...

EUVD-2006-0486

Malware in sbrugna...

EUVD-1999-0073

Malware in sbrugna...

EUVD-2003-0332

Malware in sbrugna...

CVE-2025-11332

A vulnerability was determined in CmsEasy up to 7.7.7. This affects an unknown function in the library lib/inc/view.php of the component URL Handler. Executing a manipulation of the argument PHPSELF can lead to cross site scripting. The attack may be launched remotely. The exploit has been public...

EUVD-2023-38294

Malicious code in bioql PyPI...

EUVD-2024-21978

Malicious code in bioql PyPI...

EUVD-2022-44892

Malicious code in bioql PyPI...

EUVD-2023-34966

Malicious code in bioql PyPI...

CVE-2025-8532

Authorization Bypass Through User-Controlled Key, CWE - 862 - Missing Authorization, – Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows – Exploitation of Trusted Identifiers, – Exploitation of Authorization, – Variable...

PT-2025-38538

Name of the Vulnerable Software and Affected Versions Bimser Solution Software Trade Inc. EBA Document and Workflow Management System versions 6.7.164 through 6.7.165 Description An improper authorization issue exists in Bimser Solution Software Trade Inc. EBA Document and Workflow Management...

Exploit for CVE-2024-31969

📌 CVE-2024-31969 CVE-2024-31969 adalah kerentanan local...

CVE-2022-48006

An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php...

CVE-2020-12612

An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When specifying a program to elevate, it can typically be found within the Program Files x86 folder and therefore uses the %ProgramFilesx86% environment variable. However, when this same policy gets pushed to a...