CVE-2025-11332 CmsEasy URL view.php cross site scripting

A vulnerability was determined in CmsEasy up to 7.7.7. This affects an unknown function in the library lib/inc/view.php of the component URL Handler. Executing a manipulation of the argument PHPSELF can lead to cross site scripting. The attack may be launched remotely. The exploit has been public...

EUVD-2024-52781

Malicious code in bioql PyPI...

CodeAstro Simple Pharmacy Management 安全漏洞

CodeAstro Simple Pharmacy Management is a simple pharmacy management system from CodeAstro. A security vulnerability exists in CodeAstro Simple Pharmacy Management version 1.0, which stems from an incorrect manipulation of the parameter barcode in the file /view.php, which could lead to a SQL...

CVE-2025-0175

A vulnerability was found in code-projects Online Shop 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /view.php. The manipulation of the argument name/details leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

CVE-2024-55505

An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component...

CVE-2022-4421

A vulnerability was found in rAthena FluxCP. It has been classified as problematic. Affected is an unknown function of the file themes/default/servicedesk/view.php of the component Service Desk Image URL Handler. The manipulation of the argument sslink leads to cross site scripting. It is possibl...

CVE-2017-17954

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the seller-view.php usid parameter...

CVE-2017-14345

SQL Injection exists in tianchoy/blog through 2017-09-12 via the id parameter to view.php...

CVE-2025-0721

A vulnerability classified as problematic has been found in needyamin imagegallery 1.0. This affects the function imagegallery of the file /view.php. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-0175

A vulnerability was found in code-projects Online Shop 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /view.php. The manipulation of the argument name/details leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

CVE-2025-0175

The CVE-2025-0175 entry concerns code-projects Online Shop 1.0. A cross-site scripting (XSS) flaw exists in the /view.php page, triggered by manipulating the name/details argument. The vulnerability can be exploited remotely and the exploit has been disclosed publicly per multiple sources. The mo...

CVE-2025-0175 code-projects Online Shop view.php cross site scripting

A vulnerability was found in code-projects Online Shop 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /view.php. The manipulation of the argument name/details leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

CVE-2024-55505

An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component...

CVE-2024-55505

The CVE-2024-55505 entry concerns CodeAstro Complaint Management System v1.0. A vulnerability in the mess-view.php component allows a remote attacker to escalate privileges. The issue is repeatedly described across sources as a privilege-escalation in CodeAstro CMS 1.0, with no explicit root-caus...

CVE-2024-55505

An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component...

CVE-2024-37620

PHPVOD v4.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the id parameter at /view/admin/view.php...

CVE-2024-37620

PHPVOD v4.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the id parameter at /view/admin/view.php...

CVE-2024-5381

A vulnerability classified as critical was found in itsourcecode Student Information Management System 1.0. Affected by this vulnerability is an unknown functionality of the file view.php. The manipulation of the argument studentId leads to sql injection. The attack can be launched remotely. The...

CVE-2024-5381 itsourcecode Student Information Management System view.php sql injection

A vulnerability classified as critical was found in itsourcecode Student Information Management System 1.0. Affected by this vulnerability is an unknown functionality of the file view.php. The manipulation of the argument studentId leads to sql injection. The attack can be launched remotely. The...

CVE-2024-5381 itsourcecode Student Information Management System view.php sql injection

A vulnerability classified as critical was found in itsourcecode Student Information Management System 1.0. Affected by this vulnerability is an unknown functionality of the file view.php. The manipulation of the argument studentId leads to sql injection. The attack can be launched remotely. The...