267 matches found
CVE-2026-37591
Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/viewdetails.php...
EUVD-2016-9758
Malware in sbrugna...
EUVD-2025-7249
Malicious code in bioql PyPI...
Exploit for CVE-2025-34100
CVE-2025-34100-demo Demo web server !NOTE Please note t...
CVE-2025-6127 PHPGurukul Nipah Virus Testing Management System search-report.php cross site scripting
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search-report.php. The manipulation of the argument serachdata leads to cross site scripting. The attack may be...
CVE-2022-43847
IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking...
CVE-2025-0842
A vulnerability was found in needyamin Library Card System 1.0 and classified as critical. This issue affects some unknown processing of the file admin.php of the component Login. The manipulation of the argument email/password leads to SQL injection. The attack may be initiated remotely. The...
Online Student Enrollment System SQL Injection Vulnerability
Online Student Enrollment System is an online student enrollment system by Lyndon Bermoy, an individual developer. Online Student Enrollment System version 1.0 suffers from a SQL injection vulnerability that can be exploited by an attacker to view, add, modify, or delete information in the back-e...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S. Mozilla Firefox ESR is an extended support version of Firefox the web browser. Mozilla Thunderbird is a suite of e-mail client software that is separate from the Mozilla Application Suite. Mozilla Thunderbird is ...
Linux kernel out-of-bounds read vulnerability (CNVD-2024-45903)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in the Linux kernel, which can be exploited by an attacker to obtain sensitive information and execute arbitrary code on the system...
CVE-2023-47143 IBM Tivoli Application Dependency Discovery Manager HOST header injection
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting,...
CVE-2023-51719 Stored Cross Site Scripting Vulnerability in Skyworth Router
This vulnerability exists in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Traceroute parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...
SQL injection
Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'e' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database...
Exploit for SQL Injection in Phpgurukul Hospital_Management_System
CVE-2023-7172 Overview This project contains a vulnerabl...
SQL injection
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'useremail' parameter of the businfo.php resource does not validate the characters received and they are sent unfiltered to the database...
Arbitrary Code Execution
traceroute is vulnerable to Arbitrary Code Execution. A command-line argument parsing vulnerability in the traceroute utility allows an attacker to execute arbitrary code on a vulnerable system by exploiting a flaw in the way that traceroute parses command-line arguments...
Use After Free
vim is vulnerable to Use After Free. An attacker could exploit this vulnerability by tricking a user into opening a malicious URL or by sending a specially crafted HTTP request to a vulnerable web server. The request would contain a specially crafted curl command that would cause the curl library...
Gym Management System Code Issue Vulnerability
Gym Management System is a gym management system. The system is developed in C and SQL Server and features customer and vendor management, product management, sales management, gym membership management, fitness assessment, system logging, database backup and restore. A code issue exists in Gym...
CVE-2023-21554 - QueueJumper - MSMQ RCE Check
This module checks the provided hosts for the CVE-2023-21554 vulnerability by sending a MSMQ message with an altered DataLength field within the SRMPEnvelopeHeader that overflows the given buffer. On patched systems, the error is caught and no response is sent back. On vulnerable systems, the...
Online ID Generator 1.0 SQL Injection / Shell Upload
Title: Online-ID-Generator-1.0-SQLi-Bypass-login-ShellUpload-RCE Author: nu11secur1ty Date: 08/31/2023 Vendor: https://www.youtube.com/watch?v=JdB9po5DTc Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/idgenerator0.zip Reference:...