CVE-2025-9417

The CVE-2025-9417 entry concerns itsourcecode Apartment Management System 1.0. The vulnerability lies in the /employee/addemployee.php file where the ID parameter is improperly processed, enabling SQL injection. It can be triggered remotely, and multiple connected sources confirm that an exploit ...

CVE-2025-9150

A vulnerability was identified in Surbowl dormitory-management-php up to 9f1d9d1f528cabffc66fda3652c56ff327fda317. Affected is an unknown function of the file /admin/violationadd.php?id=2. Such manipulation of the argument ID leads to sql injection. The attack may be performed from a remote...

CVE-2025-9150

An SQL injection vulnerability exists in Surbowl dormitory-management-php (up to commit 9f1d9d1f528cabffc66fda3652c56ff327fda317) via manipulation of the id parameter in /admin/violation_add.php. It can be exploited remotely, and an exploit is publicly available. Rolling release means version inf...

dormitory-management-php 注入漏洞

dormitory-management-php is a school dormitory management system by the individual developer Jayden Cai. An injection vulnerability exists in dormitory-management-php that stems from SQL injection due to incorrect manipulation of the parameter ID in the file /admin/violationadd.php...

Voting System positions_add.php file SQL Injection Vulnerability

Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter description in file /admin/positionsadd.php. An attacker can exploit this vulnerability to execute illega...

Code-Projects Voting System 注入漏洞

Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of the parameter firstname/lastname in the file /admin/votersadd.php for externally entered SQL statements. An attacker can exploit this vulnerability to execu...

CVE-2025-4885 itsourcecode Sales and Inventory System product_add.php sql injection

A vulnerability classified as critical has been found in itsourcecode Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument serial leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

CVE-2025-4718

A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pages/customeradd.php. The manipulation of the argument last leads to sql injection. The attack can be launched remotely...

CampCodes Sales and Inventory System 注入漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in version 1.0 of the CampCodes Sales and Inventory System, which stems from SQL injection due to incorrect manipulation of the parameter discount in the file...

CVE-2025-4502

A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pages/creditoradd.php. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

PT-2024-17474 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.116 Description: A problematic issue has been found in DedeCMS, affecting some unknown functionality of the file /member/soft add.php. The manipulation of the argument body leads to cross site scripting. The attack may be...

Code-Projects Crud Operation System 安全漏洞

Code-Projects Crud Operation System is an open source application from Code-Projects. A security vulnerability exists in Code-Projects Crud Operation System version 1.0, which originates from a cross-site scripting vulnerability contained in the saddress parameter of the /add.php file...

CVE-2024-11138

A vulnerability classified as problematic has been found in DedeCMS 5.7.116. This affects an unknown part of the file /dede/uploads/dede/friendlinkadd.php. The manipulation of the argument logoimg leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

PT-2024-16267 · Unknown · Sourcecodester Attendance/Payroll System

Name of the Vulnerable Software and Affected Versions: SourceCodester Attendance and Payroll System version 1.0 Description: A critical issue has been found in the system, affecting the processing of the file /admin/overtime add.php. The manipulation of the id argument leads to SQL injection. The...

CVE-2024-9799

A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation of the argument...

SourceCodester Profile Registration without Reload Refresh 跨站脚本漏洞

SourceCodester Profile Registration without Reload Refresh is a SourceCodester open source application. A cross-site scripting vulnerability exists in SourceCodester Profile Registration without Reload Refresh version 1.0, which originates in the file add.php with the parameters...

CVE-2024-9036

A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file adminadd.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

CVE-2024-7660

A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can ...

SourceCodester File Manager 安全漏洞

SourceCodester File Manager is a file manager. A security vulnerability exists in SourceCodester File Manager version 1.0, which stems from a cross-site scripting vulnerability in the File Title/Uploaded By parameter of the Add File Handler component...

CVE-2024-7660 SourceCodester File Manager App Add File cross site scripting

A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can ...