PT-2026-6754
Name of the Vulnerable Software and Affected Versions: Simple Blood Donor Management System version 1.0 Description: A flaw exists in Simple Blood Donor Management System version 1.0 that allows for remote SQL injection. The issue is located in the /simpleblooddonor/editcampaignform.php file,...
SourceCodester Hotel and Lodge Management System SQL Injection Vulnerability
SourceCodester Hotel and Lodge Management System is a SourceCodester open source hotel and lodge management system. A SQL injection vulnerability exists in SourceCodester Hotel and Lodge Management System version 1.0, which stems from an incorrect manipulation of the parameter currcode in the fil...
EUVD-2025-3267
Malicious code in bioql PyPI...
EUVD-2025-3514
Malicious code in bioql PyPI...
EUVD-2025-21968
Malicious code in bioql PyPI...
SourceCodester Student Grading System SQL Injection Vulnerability
SourceCodester Student Grading System is a SourceCodester open source student grading system. A SQL injection vulnerability exists in SourceCodester Student Grading System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /viewstudents.php, which could lead to a...
CVE-2025-7557
CVE-2025-7557 affects code-projects Voting System 1.0. The vulnerable component is the file /admin/voters_row.php where the input parameter id is concatenated into an SQL statement, causing an SQL injection. Multiple connected sources confirm remote, unauthenticated exploitation with the possibil...
CVE-2025-6320 PHPGurukul Pre-School Enrollment System add-class.php sql injection
A vulnerability, which was classified as critical, was found in PHPGurukul Pre-School Enrollment System 1.0. Affected is an unknown function of the file /admin/add-class.php. The manipulation of the argument classname leads to sql injection. It is possible to launch the attack remotely. The explo...
CVE-2025-31379
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in programphases Insert HTML Here insert-html-here allows Reflected XSS. This issue affects Insert HTML Here: from n/a through = 1.0...
CVE-2025-23584
CVE-2025-23584 concerns the WordPress plugin Pin Locations on Map (versions <= 1.0). The vulnerability is a reflected Cross‑Site Scripting (XSS) caused by improper neutralization of input during web page generation. Impact is a reflected XSS that could affect pages rendering user‑provided inpu...
CVE-2025-23485 WordPress RS Survey plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in richestsoft RS Survey allows Reflected XSS. This issue affects RS Survey: from n/a through 1.0...
CVE-2025-23463
Cross-Site Request Forgery (CSRF) vulnerability in Mukesh Dak MD Custom content after or before of post md-custom-content allows Stored XSS. This issue affects MD Custom content after or before of post: from n/a through = 1.0...
CVE-2024-54388
CVE-2024-54388 is described as a CSRF to stored XSS vulnerability in the WordPress plugin 'Multiple Admin Emails' (vulnerable up to version 1.0). Public connected documents identify this CVE with explicit vulnerability type and affected software, but do not provide concrete exploit details or rem...
CVE-2024-12484 Codezips Technical Discussion Forum signuppost.php sql injection
A vulnerability classified as critical was found in Codezips Technical Discussion Forum 1.0. This vulnerability affects unknown code of the file /signuppost.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...
WordPress best bootstrap widgets for elementor plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin best bootstrap widgets for elementor versions <= 1.0...
PT-2024-38794 · Unknown · Sourcecodester Online Computer/Laptop Store
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Computer and Laptop Store version 1.0 Description: A vulnerability was found in the Setting Handler component, affecting an unknown part of the file /php-ocls/classes/SystemSettings.php?f=update settings. The manipulatio...
CVE-2024-4927 SourceCodester Simple Online Bidding System unrestricted upload
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/admin/ajax.php?action=saveproduct. The manipulation leads to unrestricted upload. Th...
PT-2024-6563 · Campcodes · Campcodes House Rental Management System
Name of the Vulnerable Software and Affected Versions: Campcodes House Rental Management System version 1.0 Description: The issue is related to a lack of protection against SQL query structure exploitation in the Campcodes House Rental Management System. This allows a remote attacker to execute...
Sandsprite scdbg Security Vulnerability
Scdbg is an open source, multi-platform shellcode simulation and analysis tool from Sandsprite. A security vulnerability exists in Sandsprite scdbg version 1.0 that stems from uncontrolled resource consumption in Sandsprite Scdbg.exe, which allows an attacker to send a...
Task Reminder System Cross-Site Scripting Vulnerability
Task Reminder System is a task reminder system. A cross-site scripting (XSS) vulnerability exists in Task Reminder System version 1.0, in the parameter id of the file Users.php. No details of the vulnerability are available at this time...