234944 matches found
CVE-2026-14774
The vulnerability CVE-2026-14774 affects itsourcecode Hospital Management System 1.0. The issue lies in the file /paymentdischarge.php, where manipulation of the argument patientid leads to a SQL injection. Access may be remote, and the exploit has been publicly disclosed and may be used. The ava...
CVE-2026-14771
CVE-2026-14771 affects SourceCodester Class and Exam Timetabling System 1.0 (file /edit_exam1.php). A manipulation of the argument ID in an unknown function can trigger an SQL injection, enabling a remote attack. The vulnerability has an externally published exploit and is reported with PoC-level...
CVE-2026-14770
The CVE-2026-14770 entry affects SourceCodester Class and Exam Timetabling System 1.0. The vulnerability is an SQL injection in the /edit_room.php script caused by manipulating the ID parameter, allowing remote initiation of an attack. This is supported by multiple connected sources that describe...
EUVD-2026-41780
A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...
CVE-2026-14768
CVE-2026-14768 affects code-projects Real State Services 1.0 and concerns the file /builderHome.php. The vulnerability arises from manipulation of the argument loc, enabling SQL injection. It is executable remotely and the exploit has been made publicly available. Documents do not specify the vul...
CVE-2026-14767
CodeAstro Ecommerce Website 1.0 contains a SQL injection in the POST Parameter Handler within /ecommerce-website-php/customer/confirm.php (invoice_no). The vulnerability can be triggered remotely; the exploit has been released publicly. The CVSS-derived metrics in the sources indicate network att...
CVE-2026-14764
A CVE (CVE-2026-14764) affects code-projects Hotel and Tourism Reservation 1.0. The vulnerability is an SQL injection in the Event Management Page, specifically via the fdetails argument in the file /admin/add_event.php. Exploitation can be performed remotely, and public disclosures exist. CVSS m...
CVE-2026-14763
CVE-2026-14763 affects code-projects Hotel and Tourism Reservation 1.0. The vulnerability targets the Tour Reservations Page, specifically /admin/tour_reserves.php, where manipulation of the tour argument enables SQL injection. Attacks are network-based and can be initiated remotely; the exploit ...
EUVD-2026-41773
A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. This affects an unknown function of the file /admin/tourreserves.php of the component Tour Reservations Page. This manipulation of the argument tour causes sql injection. The attack can be initiated remotely. The exploit ha...
CVE-2026-14762
Technical details about CVE-2026-14762 are not publicly available in the provided documents. Monitor for updates on affected product versions, affected component, and remediation.
EUVD-2026-41772
A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component Room Management Page. The manipulation of the argument delete results in sql injection. It is possible to launch the attack...
CVE-2026-14756
The CVE-2026-14756 entry concerns code-projects Hotel and Tourism Reservation 1.0. It identifies a vulnerability in /admin/add_tour.php where manipulating the delete_image argument enables SQL injection, with remote exploitation and a publicly available exploit. The issue affects the Tour Managem...
CVE-2026-14755
The CVE concerns code-projects Hotel and Tourism Reservation 1.0. The vulnerability exists in the Reservations Management Page (/admin/reservations.php), where manipulating the delete parameter causes SQL injection. Likely exploitable remotely with no authentication required, as indicated by CVSS...
EUVD-2026-41761
A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/reservations.php of the component Reservations Management Page. The manipulation of the argument delete leads to sql injection. The atta...
EUVD-2026-41757
A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notescontroller::searchscratchdata of the file application/PHP/objects/notes/searchscratchdata.php. This manipulation of the argument fieldname causes sql...
CVE-2026-14750
The CVE-2026-14750 entry concerns mjperpinosa stumasy with a SQL injection in the function Notes_controller::accessing_dictionary_authorization (file application/PHP/objects/notes/accessing_dictionary_authorization.php). Manipulating the Password argument enables a remote attacker to leverage SQL...
CVE-2026-14747
The CVE-2026-14747 entry concerns code-projects Real State Services 1.0. The vulnerability targets an unspecified functionality of /addprojectsale.php, where manipulation of the amen parameter leads to an SQL injection. It is described as exploitable remotely and classified with a CVSS impact pro...
EUVD-2026-41752
A vulnerability was detected in code-projects Real State Services 1.0. Affected by this vulnerability is an unknown functionality of the file /addprojectsale.php. The manipulation of the argument amen results in sql injection. The attack can be launched remotely...
CVE-2026-14746
CVE-2026-14746 affects code-projects Real State Services 1.0. The vulnerability is in an unknown function of the file /addprojectrent.php, where manipulating the argument amen leads to SQL injection. Exploitation is possible remotely, and the exploit has been publicly disclosed (Exploit maturity:...
EUVD-2026-41751
A security vulnerability has been detected in code-projects Real State Services 1.0. Affected is an unknown function of the file /addprojectrent.php. The manipulation of the argument amen leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may...