CVE-2025-9729

A vulnerability was detected in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of the file /admin/student-registration.php. Performing manipulation of the argument studentname results in sql injection. The attack is possible to be carried out remotely. The...

Online Course Registration admin/student-registration.php File SQL Injection Vulnerability

Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter studentname in the file /admin/student-registration.php. An...

CVE-2025-9793

A vulnerability was detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /setting/admin.php of the component Setting Handler. Performing manipulation of the argument ddlBranch results in sql injection. The attack is possible to be carried out...

CVE-2025-9793 itsourcecode Apartment Management System Setting admin.php sql injection

A vulnerability was detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /setting/admin.php of the component Setting Handler. Performing manipulation of the argument ddlBranch results in sql injection. The attack is possible to be carried out...

CVE-2025-9793

The CVE-2025-9793 entry concerns itsourcecode Apartment Management System 1.0. The vulnerability is a SQL injection in the Setting Handler, exposed via /setting/admin.php, where manipulating the ddlBranch parameter enables remote exploitation. Public exploit appears available, and multiple connec...

CVE-2025-9766

The CVE-2025-9766 entry corresponds to a SQL injection in itsourcecode Sports Management System 1.0, specifically in the file /Admin/facilitator.php where manipulation of the code parameter in an unknown function enables remote exploitation. Public exploits have been reported. Multiple connected ...

CVE-2025-9765

A vulnerability has been found in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/tournamentdetails.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

CVE-2025-9746

A vulnerability was detected in Campcodes Hospital Management System 1.0. This affects an unknown function of the file /admin/edit-doctor-specialization.php of the component Edit Doctor Specialization Page. The manipulation results in cross site scripting. The attack may be launched remotely. The...

CVE-2025-9729

A vulnerability was detected in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of the file /admin/student-registration.php. Performing manipulation of the argument studentname results in sql injection. The attack is possible to be carried out remotely. The...

CVE-2025-9729

CVE-2025-9729 affects PHPGurukul Online Course Registration 3.1, where SQL injection is possible via the studentname parameter in /admin/student-registration.php. The root cause is unsanitized input leading to SQL injection, with remote exploitation confirmed. Multiple connected sources corrobora...

PHPGurukul Online Course Registration 安全漏洞

Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter studentname in the file /admin/student-registration.php. An...

PT-2025-35410

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Course Registration version 3.1 Description: A vulnerability exists in PHPGurukul Online Course Registration version 3.1. The vulnerability is due to SQL injection in the /admin/student-registration.php file. Manipulation of...

CVE-2025-54926

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause remote code execution when an authenticated attacker with admin privileges uploads a malicious file over HTTP which then gets executed...

CVE-2025-54926

CVE-2025-54926 affects Schneider Electric EcoStruxure Power Monitoring Expert (and Power Operation) with a directory traversal vulnerability that may enable remote code execution. The issue stems from improper validation in path handling (GetTgmlContent) and requires authenticated admin privilege...

Zoo Management System admin/add-foreigner-ticket.php File Cross-Site Scripting Vulnerability

Zoo Management System is a zoo management system. Zoo Management System has a cross-site scripting vulnerability, the vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the parameter visitorname in the file /admin/add-foreigner-ticket.php, which can be...

PT-2025-33859 · Itsourcecode · Sports Club Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Sports Management System version 1.0 Description: A SQL injection issue exists in itsourcecode Sports Management System version 1.0. The issue is located in an unknown function within the /Admin/sports.php file. Manipulation of t...

CVE-2025-8954

A vulnerability was identified in PHPGurukul Hospital Management System 4.0. This affects an unknown part of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-8968

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapproveuser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The explo...

CVE-2025-8852

A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/upload of the component API Response Handler. The manipulation leads to information exposure through error message. It is possible to initiate the attack remotely. The exploit ha...

CVE-2025-8852

A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/upload of the component API Response Handler. The manipulation leads to information exposure through error message. It is possible to initiate the attack remotely. The exploit ha...