38 matches found
PT-2026-21433
Inventory Webapp contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. Attackers can supply malicious SQL payloads in the name, description, quantity, or cat id parameters to add-item.php to execu...
CVE-2025-4507
A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /routers/add-item.php. The manipulation of the argument price leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CampCodes Online Food Ordering System 注入漏洞
CampCodes Online Food Ordering System is an online food ordering system from CampCodes, Inc. An injection vulnerability exists in version 1.0 of the CampCodes Online Food Ordering System, which originates from a SQL injection due to incorrect manipulation of the parameter price in the file...
CVE-2025-4069
A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function additem. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached locally. The explo...
CVE-2025-4069 code-projects Product Management System add_item stack-based overflow
A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function additem. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached locally. The explo...
CVE-2025-4061
A vulnerability, which was classified as critical, was found in code-projects Clothing Store Management System up to 1.0. Affected is the function additem. The manipulation of the argument st.productname leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has bee...
Code-Projects Clothing Store Management System 安全漏洞
Code-Projects Clothing Store Management System is Code-Projects open source a clothing store management system . A security vulnerability exists in Code-Projects Clothing Store Management System version 1.0, which stems from a mishandling of the additem function with the parameter st.productname,...
Code-Projects Product Management System 安全漏洞
Code-Projects Product Management System is an open source product management system from Code-Projects. A security vulnerability exists in Code-Projects Product Management System version 1.0, which stems from an improper operation of the additem function on the parameter st.productname, which cou...
CVE-2024-6214
A vulnerability was found in SourceCodester Food Ordering Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file add-item.php. The manipulation of the argument price leads to sql injection. The attack can be initiated remotely. The exploit has...
PT-2024-37456 · Unknown · Sourcecodester Food Ordering Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Food Ordering Management System version 1.0 Description: A critical issue has been found in the SourceCodester Food Ordering Management System. The problem affects the file add-item.php, where the manipulation of the price...
CVE-2023-45323
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'name' parameter of the routers/add-item.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2023-29498 · Unknown · Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. The name parameter of the "routers/add-item.php" resource does not validate the characters received and they are...
Online Food Ordering System SQL Injection Vulnerability
Online Food Ordering System is an online food ordering system by Carlo Montero, a personal developer. A SQL injection vulnerability exists in Online Food Ordering System v1.0, which is caused by insufficient filtering of the name parameter on the routers/add-item.php page...
PT-2023-29499 · Unknown · Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. The price parameter of the "routers/add-item.php" resource is vulnerable. This could potentially allow unauthorize...
CVE-2023-2691
A vulnerability, which was classified as problematic, was found in SourceCodester Personnel Property Equipment System 1.0. Affected is an unknown function of the file admin/additem.php of the component POST Parameter Handler. The manipulation of the argument itemname leads to cross site scripting...
SourceCodester Personnel Property Equipment System 跨站脚本漏洞
Personnel Property Equipment System is a personnel property equipment management system by Jon Remus Sevellejo personal developer. A cross-site scripting vulnerability exists in Personnel Property Equipment System v1.0, which stems from the lack of effective filtering and escaping of user-supplie...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Menalto Gallery before 2.2.4 allow remote attackers to inject arbitrary web script or HTML via crafted filenames to the 1 Core or 2 add-item modules; or via 3 HTTP PROPPATCH in the WebDAV module...
CVE-2007-6687
Multiple cross-site scripting XSS vulnerabilities in Menalto Gallery before 2.2.4 allow remote attackers to inject arbitrary web script or HTML via crafted filenames to the 1 Core or 2 add-item modules; or via 3 HTTP PROPPATCH in the WebDAV module...