411 matches found
CVE-2025-2648
A vulnerability classified as critical has been found in PHPGurukul Art Gallery Management System 1.0. This affects an unknown part of the file /admin/view-enquiry-detail.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The explo...
SourceCodester Best Church Management Software Code Issue Vulnerability
SourceCodester Best Church Management Software is an open source church management software from SourceCodester. A code issue vulnerability exists in version 1.0 of SourceCodester Best Church Management Software, which stems from improper manipulation of the photo/photo1 parameter in the...
Curfew e-Pass Management System /admin/search-pass.php File SQL Injection Vulnerability
Curfew e-Pass Management System is an electronic pass management system. The Curfew e-Pass Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the searchdata parameter of the /admin/search-pass.php file. An...
PT-2025-10752 · Mrcms · Mrcms
Name of the Vulnerable Software and Affected Versions: MRCMS version 3.1.2 Description: A problem was found in the rename function of the /admin/file/rename.do file in the org.marker.mushroom.controller.FileController component. The manipulation of the name/path argument leads to cross-site...
CVE-2025-1966
A vulnerability classified as critical was found in PHPGurukul Pre-School Enrollment System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The...
CVE-2025-1873 SQL injection vulnerability in 101news
A SQL injection vulnerability has been found in 101news affecting version 1.0 through the "pagetitle" and "pagedescription" parameters in admin/contactus.php...
CVE-2025-1582
A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/all-request.php. The manipulation of the argument viewid leads to sql injection. The attack may be launched remotely. The...
PT-2025-7669 · Unknown · Phpgurukul Online Nurse Hiring System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Nurse Hiring System version 1.0 Description: A critical vulnerability has been found in the PHPGurukul Online Nurse Hiring System. This issue affects an unknown part of the file /admin/search-report-details.php. The...
PT-2025-7580 · Itsourcecode · Itsourcecode Simple Chatbox
Name of the Vulnerable Software and Affected Versions: ITSourcecode Simple ChatBox versions up to 1.0 Description: A vulnerability was found in the ITSourcecode Simple ChatBox, affecting unknown code of the file /admin.php. The attack can use SQL injection to obtain sensitive data. Recommendation...
CVE-2024-31280
Unrestricted Upload of File with Dangerous Type vulnerability in andymoyle Church Admin church-admin. This issue affects Church Admin: from n/a through 4.1.5...
bootplus Code Injection Vulnerability
bootplus is a privilege management framework by individual developer JoeyBling. A code injection vulnerability exists in bootplus; it originates from the file /admin/sys/admin.html and can lead to cross-site scripting...
CVE-2025-0489
A vulnerability classified as critical was found in Fanli2012 native-php-cms 1.0. This vulnerability affects unknown code of the file /fladmin/friendlinkdodel.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to t...
PT-2025-3802 · Unknown · Codezips Blood Bank Management System
Name of the Vulnerable Software and Affected Versions: Codezips Blood Bank Management System version 1.0 Description: A critical issue affects some unknown functionality of the file /successadmin.php. The manipulation of the argument psw leads to SQL injection. The attack may be launched remotely...
PT-2024-17868 · Unknown · Code-Projects Responsive Hotel Site
Name of the Vulnerable Software and Affected Versions: code-projects Responsive Hotel Site version 1.0 Description: A critical issue has been found in the code-projects Responsive Hotel Site, affecting an unknown functionality of the file /admin/newsletter.php. The manipulation of the eid argumen...
PT-2024-17271 · Unknown · Phpgurukul User Registration & Login/User Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul User Registration & Login and User Management System version 1.0 Description: A critical issue affects some unknown functionality of the file /admin/index.php. The manipulation of the username argument leads to SQL injection. The...
PT-2024-17124 · Unknown · 1000 Projects Beauty Parlour Management System
Name of the Vulnerable Software and Affected Versions: 1000 Projects Beauty Parlour Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file /admin/add-services.php. The manipulation of the sername argument leads to SQL injection. ...
CVE-2024-52770
An arbitrary file upload vulnerability in the component /admin/filemanagecontrol of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-52771
DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the component /admin/filemanageview...
User Management System /ums-sp/admin/registered-users.php File Cross-Site Scripting Vulnerability
User Management System is a user management system. User Management System suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the file /ums-sp/admin/registered-users.php, which can be exploited by an attacke...
PT-2024-16779 · Unknown · Code-Projects Job Recruitment
Name of the Vulnerable Software and Affected Versions: code-projects Job Recruitment version 1.0 Description: A critical issue has been found in the code-projects Job Recruitment software. The problem affects an unknown functionality of the file admin.php. The manipulation of the userid argument...