Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter 'id' in /bcms/admin/court_rentals/update_status.php.Read More ...
Continue ReadingJune 02, 2022
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- 1.0 is vulnerable to Cross Site Scripting (XSS) in adminadd_cata.php via the ctg_name parameters.Read More ...
Continue ReadingJune 02, 2022
Food-order-and-table-reservation-system- 1.0 is vulnerable to SQL Injection in categorywise-menu.php via the catid parameters.Read More ...
Continue ReadingJune 02, 2022
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 is vulnerable to SQL Injection in search_product.php via the keyword parameters.Read More ...
Continue ReadingJune 02, 2022
In Afian Filerun 20220202 Changing the "search_tika_path" variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.Read More ...
Continue ReadingJune 02, 2022
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST requ ...
Continue ReadingJune 02, 2022
Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.Read More ...
Continue ReadingJune 02, 2022
phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "auth_user" parameter in index.php script.Read More ...
Continue ReadingJune 02, 2022
Back to Main