A vulnerability, which was classified as critical, has been found in Conjure Position Department Service Quality Evaluation System up to 1.0.11. Affected by this issue is the function eval of the file
A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. The servlet allows
WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability that allows administrators to upload malicious modules. Attackers can craft a specially designed ZIP modu
A security flaw has been discovered in codehub666 94list up to 5831c8240e99a72b7d3508c79ef46ae4b96befe8. The impacted element is the function Login of the file /function.php. The manipulation results
UNA CMS versions 9.0.0-RC1 - 14.0.0-RC4 contain a PHP object injection vulnerability in BxBaseMenuSetAclLevel.php where the profile_id POST parameter is passed to PHP unserialize() without proper hand
Chevereto 3.13.4 Core contains a remote code execution vulnerability that allows attackers to inject malicious code during database configuration installation. Attackers can manipulate the database ta
MyTube is a self-hosted downloader and player for several video websites. A vulnerability present in version 1.7.65 and poetntially earlier versions allows unauthenticated users to bypass the mandator
A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System up to 1.0. The impacted element is an unknown function of the file /manage_website.php. The manipulation
A vulnerability was detected in g33kyrash Online-Banking-System up to 12dbfa690e5af649fb72d2e5d3674e88d6743455. This vulnerability affects unknown code of the file /index.php. The manipulation of the
A vulnerability was detected in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file login_check.php of
A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file backup.php
A vulnerability, which was classified as critical, was found in Codezips Gym Management System 1.0. Affected is an unknown function of the file /change_s_pwd.php. The manipulation of the argument logi
A vulnerability was detected in nuz007 smsboom up to 01b2f35bbbc23f3e0f60f38ca0e3d1b286f8d674. The affected element is an unknown function of the file dy.php. Performing manipulation of the argument h
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.14, an authenticated SQL injection vulnerability in the main configuration update functionality of phpMyFAQ allows a privileged use
Dogfood CRM version 2.0.10 contains a remote command execution vulnerability in the spell.php script used by its mail subsystem. The vulnerability arises from unsanitized user input passed via a POST
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and beca
A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Login.php?f=login. The man
A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/admin_class_novo.php of the component Administrati
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument role
A vulnerability was determined in SourceCodester Client Database Management System 1.0. The impacted element is an unknown function of the file /superadmin_user_update.php. This manipulation causes im