funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin.

An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into the tracker comments page.

Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield.

Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit.

An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into chat group.

OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserType. No authentication is required. The information disclosed is associated with the registered user ID, status, email address, role(s), user type, license type, and personal detai…

OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /profile/updateProfile via the userId and email parameters. Authentication is required.

Kliqqi-CMS has a background arbitrary code execution vulnerability that attackers can exploit to implant backdoors or getShell via the edit_page.php component.

SQL Injection vulnerability in Best House rental management system project in php v.1.0 allows a remote attacker to execute arbitrary code via the username parameter of the login request.

A SQL Injection vulnerability in ESAFENET CDG 5 and earlier allows an attacker to execute arbitrary code via the id parameter of the dataSearch.jsp page.