Lucene search
K

408 matches found

Vulnrichment
Vulnrichment
added 2025/09/23 5:2 a.m.3 views

CVE-2025-10840 SourceCodester Pet Grooming Management Software print-payment.php sql injection

A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown function of the file /admin/print-payment.php. This manipulation of the argument sql111 causes sql injection. The attack can be initiated remotely. The exploit has been made available to...

6.5CVSS6.7AI score0.00437EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/23 12:0 a.m.4 views

PT-2025-39094

Name of the Vulnerable Software and Affected Versions Campcodes Online Beauty Parlor Management System version 1.0 Description A security flaw exists in Campcodes Online Beauty Parlor Management System 1.0. The issue involves a SQL injection impacting an unknown functionality within the...

8.8CVSS6.5AI score0.00351EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.6 views

PT-2025-39073

Name of the Vulnerable Software and Affected Versions code-projects Hostel Management System version 1.0 Description A flaw exists in code-projects Hostel Management System 1.0 where manipulation of the Home argument in a file, /justines/admin/mod reports/index.php, leads to a SQL injection. This...

9.8CVSS7.3AI score0.00384EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.7 views

PT-2025-38381

Name of the Vulnerable Software and Affected Versions itsourcecode Online Discussion Forum version 1.0 Description A security issue exists in itsourcecode Online Discussion Forum. Manipulation of the ID argument in the /members/compose msg admin.php file can lead to SQL injection. The attack can ...

9.8CVSS7.2AI score0.00401EPSS
Exploits1References7
OSV
OSV
added 2025/09/17 5:15 p.m.5 views

CVE-2025-10601

A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. Affected is an unknown function of the file /admin/index.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...

9.8CVSS5.7AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/17 2:2 p.m.2 views

CVE-2025-10594 SourceCodester Online Student File Management System delete_student.php sql injection

A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/deletestudent.php. Executing manipulation of the argument studid can lead to sql injection. It is possible to launch the attack remotely...

6.5CVSS6.7AI score0.00311EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/09/17 12:0 a.m.4 views

itsourcecode E-Commerce Website 代码问题漏洞

itsourcecode E-Commerce Website is an e-commerce website by itsourcecode open source. A code issue vulnerability exists in version 1.0 of itsourcecode E-Commerce Website, which stems from an incorrect operation of the file /admin/products.php, which could lead to remote arbitrary file uploads...

8.8CVSS6.7AI score0.00328EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/15 3:32 a.m.9 views

CVE-2025-10424 1000projects Online Student Project Report Submission and Evaluation System faculty_controller.php unrestricted upload

A vulnerability was determined in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The affected element is an unknown function of the file /admin/controller/facultycontroller.php. This manipulation of the argument newimage causes unrestricted upload. The attack is...

7.5CVSS0.00424EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/09/10 12:34 a.m.59 views

CVE-2025-56630

FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...

7.3CVSS8.1AI score0.00201EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 2:2 a.m.15 views

CVE-2025-10121

CVE-2025-10121 affects uverif up to 3.2, with the vulnerability in the addbatch function of /admin/kami_list. Manipulating the note argument enables SQL injection, and remote exploitation is possible. The exploit has been published and may be used. Public sources (Red Hat, CISA ecosystem referenc...

6.5CVSS6.4AI score0.00229EPSS
Exploits0References4
CVE
CVE
added 2025/09/04 11:9 a.m.11 views

CVE-2025-41037

Summary (CVE-2025-41037, appRain CMF): A stored authenticated XSS exists in appRain CMF version 4.0.5 due to insufficient validation of input in the parameter data[FileManager][search] at /apprain/admin/filemanager. The vulnerability stems from improper validation of user input, enabling injectio...

5.4CVSS5.7AI score0.00197EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2025/09/04 12:0 a.m.3 views

Beauty Parlour Management System edit-services.php File SQL Injection Vulnerability

Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in t...

9.8CVSS7.9AI score0.00387EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/09/03 4:2 p.m.3 views

CVE-2025-9919 1000projects Beauty Parlour Management System bwdates-reports-details.php sql injection

A vulnerability was identified in 1000projects Beauty Parlour Management System 1.0. This affects an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploi...

7.5CVSS7.3AI score0.00423EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/09/03 7:14 a.m.5 views

CVE-2025-9766

A vulnerability was found in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/facilitator.php. Performing manipulation of the argument code results in sql injection. Remote exploitation of the attack is possible. The exploit has been made...

9.8CVSS7.2AI score0.0055EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/03 6:24 a.m.5 views

CVE-2025-9765

A vulnerability has been found in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/tournamentdetails.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

9.8CVSS7.3AI score0.00387EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.7 views

PT-2025-35726

Name of the Vulnerable Software and Affected Versions: phpgurukul Complaint Management System version 2.0 Description: The phpgurukul Complaint Management System is susceptible to a Cross Site Scripting XSS issue. This issue occurs in the admin/subcategory.php file through the categoryName...

7.2CVSS6AI score0.00584EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/09/02 8:32 p.m.2 views

CVE-2025-9831 PHPGurukul Beauty Parlour Management System edit-services.php sql injection

A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. This impacts an unknown function of the file /admin/edit-services.php. This manipulation of the argument sername causes sql injection. The attack is possible to be carried out remotely. The exploit has been made...

7.5CVSS6.8AI score0.00387EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/02 12:0 a.m.11 views

PT-2025-35611

Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.1 Description: A security flaw exists in PHPGurukul Beauty Parlour Management System 1.1. The issue is related to SQL injection within an unknown function of the...

9.8CVSS7.3AI score0.00387EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/09/01 12:0 a.m.4 views

itsourcecode Apartment Management System 安全漏洞

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in ddlBranch, a parameter of the Setting Handler component in file...

9.8CVSS7.8AI score0.00384EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/09/01 12:0 a.m.11 views

itsourcecode Sports Management System 安全漏洞

Sports Management System a sports management system. The Sports Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /Admin/resultdetails.php. An attacker can exploit this vulnerabili...

9.8CVSS7.8AI score0.00387EPSS
Exploits1References7
Rows per page
Query Builder