CVE-2026-6184

A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...

Code-Projects Simple Content Management System 代码注入漏洞

Code-Projects Simple Content Management System is an open-source simple content management system developed by Code-Projects. Version 1.0 of the code-projects Simple Content Management System contains a code injection vulnerability. This vulnerability arises from incorrect handling of parameters...

Client Details System welcome.php File Cross-Site Scripting Vulnerability

Client Details System is a client information system. Client Details System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /welcome.php, which can be exploited by an attacker to execute arbitrary Web...

CVE-2025-12243

A vulnerability was found in code-projects Client Details System 1.0. Affected by this issue is some unknown functionality of the file clientdetails/welcome.php of the component GET Parameter Handler. Performing manipulation of the argument ID results in sql injection. The attack may be initiated...

CVE-2025-12279

CVE-2025-12279 affects code-projects Client Details System 1.0, with a cross-site scripting flaw in /welcome.php due to insufficient input filtering/escaping. The vulnerability is remote-exploitable and has been publicly disclosed; CVSS indicators show MEDIUM impact with LOW confidentiality/integ...

PT-2025-43899

Name of the Vulnerable Software and Affected Versions code-projects Client Details System version 1.0 Description A flaw exists in the GET Parameter Handler component of the software, specifically within the clientdetails/welcome.php file. Manipulation of the ID parameter can lead to a SQL...

EUVD-2022-36057

Malicious code in bioql PyPI...

CVE-2022-32991

Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php...

CVE-2022-32991

Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php...

Sql injection

Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php...

CVE-2022-32991

Web Based Quiz System v1.0 is vulnerable to SQL injection via the eid parameter in welcome.php due to lack of input validation. This can allow an attacker to execute arbitrary SQL and potentially steal sensitive database data. Several sources (CNVD, NVD, Red Hat, CVE records) confirm the vulnerab...

CVE-2022-32991

Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php...

Tapatalk for WoltLab Burning Board 'welcome.php' Has Multiple Cross-Site Scripting Vulnerabilities

WoltLab Burning Board is a forum program and Tapatalk is a plug-in application. Tapatalk for WoltLab Burning Board 'welcome.php' has a cross-site scripting vulnerability that can be exploited by remote attackers to construct malicious URIs and trick users into parsing them, which can be used to...

CVE-2010-2915

SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote attackers to execute arbitrary SQL commands via the id parameter...

Sql injection

SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2010-2915

SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2010-2915

CVE-2010-2915 describes a SQL injection vulnerability in welcome.php of AJ Square AJ HYIP PRIME, allowing remote attackers to manipulate the id parameter to execute arbitrary SQL commands. The underlying issue is input handling in the affected script, leading to potential data exposure or modific...

AJ HYPE PRIME SQL Injection

/ AJ HYPE PRIME id Remote SQL Injection Vulnerability Discovered by : MizoZ Contact : [email protected] Team : EvilWay Date : July 29 2009 Greetings : Moudi , Zuka, All friends / SQL Injection welcome.php GET : id : HOST/PATH/forum/welcome.php?id=SQL CODE SQL CODE :...

CVE-2007-1643

Multiple PHP remote file inclusion vulnerabilities in LAN Management System LMS 1.8.9 Vala and earlier allow remote attackers to execute arbitrary PHP code via a URL in 1 the CONFIGdirectoriesuserpaneldir parameter to userpanel.php or the 2 LIBDIR parameter to welcome.php...

CVE-2005-2792

Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. dot dot in the customwelcomepage parameter...