CodeAstro Simple Pharmacy Management 安全漏洞

CodeAstro Simple Pharmacy Management is a simple pharmacy management system from CodeAstro. A security vulnerability exists in CodeAstro Simple Pharmacy Management version 1.0, which stems from an incorrect manipulation of the parameter barcode in the file /view.php, which could lead to a SQL...

CVE-2025-0175

The CVE-2025-0175 entry concerns code-projects Online Shop 1.0. A cross-site scripting (XSS) flaw exists in the /view.php page, triggered by manipulating the name/details argument. The vulnerability can be exploited remotely and the exploit has been disclosed publicly per multiple sources. The mo...

CVE-2024-37620

PHPVOD v4.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the id parameter at /view/admin/view.php...

CVE-2022-4421

A vulnerability was found in rAthena FluxCP. It has been classified as problematic. Affected is an unknown function of the file themes/default/servicedesk/view.php of the component Service Desk Image URL Handler. The manipulation of the argument sslink leads to cross site scripting. It is possibl...

Drupal avatar_uploader arbitrary file download vulnerability

avataruploader is the module used to implement the function of uploading user images in a content management system maintained by the Drupal community. A security vulnerability exists in avataruploader version 7.x-1.0-beta8, which is caused by code in the view.php file that fails to validate user...

Cross site scripting

Cross-site scripting XSS vulnerability in view.php in Machform 2 allows remote attackers to inject arbitrary web script or HTML via the element2 parameter...

K-Rate SQL Injection

K-Rate SQL Injection Vulnerability By: e.wiZz! Script site:http://turn-k.net/k-rate In the wild... Vulnerability: SQL Injection in view.php,variable username. Anyway, all sites i saw which are powered by this script are hosted on Apache,and have a modrewrite enabled,so you need to try this:...

K-Rate - SQL Injection

K-Rate SQL Injection Vulnerability By: e.wiZz! Script site:http://turn-k.net/k-rate In the wild... Vulnerability: SQL Injection in view.php,variable username. Anyway, all sites i saw which are powered by this script are hosted on Apache,and have a modrewrite enabled,so you need to try this:...

Directory traversal

Directory traversal vulnerability in view.php in xeCMS 1.0 allows remote attackers to read arbitrary files via a ..%2F dot dot slash in the list parameter...

Photo Galerie Standard 1.1 - view.php SQL Injection

Photo Galerie Standard 1.1 - view.php SQL Injection Title : Photo Galerie Standard = 1.1 view.php Remote SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://noname-media.com $$ : Free SQL--------------------------------------------------------- http://target/path//view.php?id=S...