Lucene search
K

412 matches found

CVE
CVE
added 2025/09/23 5:2 a.m.17 views

CVE-2025-10840

CVE-2025-10840 affects SourceCodester Pet Grooming Management Software 1.0. The vulnerability is a SQL injection in the file /admin/print-payment.php via manipulation of the sql111 argument, enabling remote exploitation. Public exploits exist. Multiple sources report impact across confidentiality...

8.8CVSS6.7AI score0.00437EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/09/23 4:32 a.m.9 views

CVE-2025-10839 SourceCodester Pet Grooming Management Software inv-print.php sql injection

A security flaw has been discovered in SourceCodester Pet Grooming Management Software 1.0. The impacted element is an unknown function of the file /admin/inv-print.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has bee...

6.5CVSS0.00437EPSS
Exploits1References5
NVD
NVD
added 2025/09/23 1:15 a.m.6 views

CVE-2025-10826

A security flaw has been discovered in Campcodes Online Beauty Parlor Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/sales-reports-detail.php. The manipulation of the argument fromdate/todate results in sql injection. The attack can be launche...

8.8CVSS0.00351EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/22 4:32 p.m.3 views

CVE-2025-10806 Campcodes Online Beauty Parlor Management System bwdates-reports-details.php sql injection

A vulnerability was identified in Campcodes Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be initiated remotely. The exploi...

6.5CVSS6.5AI score0.00351EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/09/22 12:0 a.m.7 views

CampCodes Online Beauty Parlor Management System SQL注入漏洞

CampCodes Online Beauty Parlor Management System is an online beauty parlor management system from CampCodes Philippines, Inc. A SQL injection vulnerability exists in CampCodes Online Beauty Parlor Management System version 1.0, which stems from an incorrect manipulation of the parameter editid i...

8.8CVSS6.9AI score0.00351EPSS
Exploits1References5
CVE
CVE
added 2025/09/16 2:33 p.m.34 views

CVE-2009-20006

The CVE-2009-20006 issue affects osCommerce

9.3CVSS6.7AI score0.01142EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.5 views

PT-2025-38002

Name of the Vulnerable Software and Affected Versions: osCommerce versions up to and including 2.2 RC2a Description: osCommerce versions up to and including 2.2 RC2a contain a flaw in the administrative file manager utility admin/file manager.php. The interface lacks sufficient input validation a...

9.3CVSS7.3AI score0.01142EPSS
Exploits0References7
NVD
NVD
added 2025/09/15 7:15 a.m.4 views

CVE-2025-10430

A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/barcode.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and ma...

8.8CVSS0.00352EPSS
Exploits1References6
OSV
OSV
added 2025/09/14 6:15 p.m.4 views

CVE-2025-10403

A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file /admin/view-enquiry.php. The manipulation of the argument viewid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclose...

9.8CVSS5.7AI score0.0041EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/09/11 1:22 a.m.7 views

CVE-2025-10116

A vulnerability was identified in SiempreCMS up to 1.3.6. This vulnerability affects unknown code of the file /docs/admin/fileupload.php. Such manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly available and might be used...

7.5CVSS7.3AI score0.00421EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 2:15 a.m.7 views

CVE-2025-10116

A vulnerability was identified in SiempreCMS up to 1.3.6. This vulnerability affects unknown code of the file /docs/admin/fileupload.php. Such manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly available and might be used...

7.5CVSS0.00421EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/09 1:2 a.m.3 views

CVE-2025-10116 SiempreCMS file_upload.php unrestricted upload

A vulnerability was identified in SiempreCMS up to 1.3.6. This vulnerability affects unknown code of the file /docs/admin/fileupload.php. Such manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly available and might be used...

7.5CVSS6.8AI score0.00421EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/08 1:26 p.m.5 views

CVE-2025-10033

A vulnerability has been found in itsourcecode Online Discussion Forum 1.0. This affects an unknown function of the file /admin. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used...

9.8CVSS7.1AI score0.00401EPSS
Exploits1References1
NVD
NVD
added 2025/09/05 8:15 p.m.4 views

CVE-2025-10025

A vulnerability has been found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/semester.php. The manipulation of the argument semester leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

9.8CVSS0.00387EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/05 7:32 p.m.7 views

CVE-2025-10025 PHPGurukul Online Course Registration semester.php sql injection

A vulnerability has been found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/semester.php. The manipulation of the argument semester leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

7.5CVSS0.00387EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/09/05 4:31 p.m.8 views

CVE-2025-9919

A vulnerability was identified in 1000projects Beauty Parlour Management System 1.0. This affects an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploi...

9.8CVSS7.5AI score0.00423EPSS
Exploits1References1
CNVD
CNVD
added 2025/09/04 12:0 a.m.2 views

Apartment Management System /admin.php File SQL Injection Vulnerability

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in ddlBranch, a parameter of the Setting Handler component in file...

9.8CVSS8.3AI score0.00384EPSS
Exploits1References1
OSV
OSV
added 2025/09/03 4:15 p.m.8 views

CVE-2025-9919

A vulnerability was identified in 1000projects Beauty Parlour Management System 1.0. This affects an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploi...

9.8CVSS7AI score0.00423EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.4 views

PT-2025-35794

Name of the Vulnerable Software and Affected Versions: 1000projects Beauty Parlour Management System version 1.0 Description: A SQL injection issue exists in 1000projects Beauty Parlour Management System version 1.0. The vulnerability is located in the /admin/bwdates-reports-details.php file...

7.5CVSS7.5AI score0.00423EPSS
Exploits1References7
CVE
CVE
added 2025/09/02 8:2 p.m.20 views

CVE-2025-9830

CVE-2025-9830 affects PHPGurukul Beauty Parlour Management System 1.1. The vulnerability is a SQL injection in the file /admin/add-customer-services.php, triggered by manipulating the sids[] parameter. It is exploitable remotely and publicly available exploits exist. Reported by multiple sources ...

9.8CVSS6.9AI score0.00387EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder