11461 matches found
CVE-2025-13396 code-projects Courier Management System add-office.php sql injection
A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public a...
CVE-2025-13396 code-projects Courier Management System add-office.php sql injection
A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public a...
CVE-2025-13349
A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack ...
Code-Projects Courier Management System SQL注入漏洞
Code-Projects Courier Management System is a Code-Projects open source courier management system. A SQL injection vulnerability exists in Code-Projects Courier Management System version 1.0, which stems from an incorrect manipulation of the parameter OfficeName in the file /add-office.php, which...
PT-2025-47461
A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public a...
CVE-2025-13302
A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...
CVE-2025-13349
A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack ...
CVE-2025-13349
A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack ...
CVE-2025-13253
A vulnerability was determined in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /addlibrarian.php. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly...
CVE-2025-13254
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...
PT-2025-47395
Name of the Vulnerable Software and Affected Versions Sencore SMP100 SMP Media Platform versions V4.2.160, V60.1.4, V60.1.29 Description The Sencore SMP100 SMP Media Platform is susceptible to session hijacking because of inadequate session management. An attacker on the same network as a logged-...
Student Record System add-course.php File SQL Injection Vulnerability
Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the course-short, course-full, and cdate parameters in add-course.php. An attacker can exploit this...
Simple Cafe Ordering System add_to_cart File Cross Site Scripting Vulnerability
Simple Cafe Ordering System is a simple coffee ordering system. The Simple Cafe Ordering System suffers from a cross-site scripting vulnerability that arises from insufficient security filtering of the productname parameter in the /addtocart file. An attacker could use this vulnerability to execu...
Student Record System add-subject.php File SQL Injection Vulnerability
Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the sub1, sub2, sub3, sub4, and course-short parameters of add-subject.php. An attacker can exploit this...
Simple Online Hotel Reservation System add_query_reserve.php File SQL Injection Vulnerability
Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that stems from the /addqueryreserve.php file failing to effectively filter the roomid parameter. No details of the vulnerability a...
PT-2025-47319
Name of the Vulnerable Software and Affected Versions SourceCodester Student Grades Management System version 1.0 Description A flaw exists in SourceCodester Student Grades Management System 1.0 related to the processing of the /grades.php file within the Add New Grade Page component. Manipulatio...
CVE-2025-31361
CVE-2025-31361 describes a privilege-escalation issue in the Dell ControlVault3 WBDI Driver Broadcom Storage Adapter (WBIO_USH_ADD_RECORD) affecting Dell ControlVault3 prior to 5.15.14.19 and ControlVault3 Plus prior to 6.2.36.47. Cisco Talos reports that a specially crafted WinBioControlUnit cal...
EUVD-2025-197884
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...
CVE-2025-36463 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...
CVE-2025-13302
A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...