408 matches found
CVE-2025-10840 SourceCodester Pet Grooming Management Software print-payment.php sql injection
A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown function of the file /admin/print-payment.php. This manipulation of the argument sql111 causes sql injection. The attack can be initiated remotely. The exploit has been made available to...
PT-2025-39094
Name of the Vulnerable Software and Affected Versions Campcodes Online Beauty Parlor Management System version 1.0 Description A security flaw exists in Campcodes Online Beauty Parlor Management System 1.0. The issue involves a SQL injection impacting an unknown functionality within the...
PT-2025-39073
Name of the Vulnerable Software and Affected Versions code-projects Hostel Management System version 1.0 Description A flaw exists in code-projects Hostel Management System 1.0 where manipulation of the Home argument in a file, /justines/admin/mod reports/index.php, leads to a SQL injection. This...
PT-2025-38381
Name of the Vulnerable Software and Affected Versions itsourcecode Online Discussion Forum version 1.0 Description A security issue exists in itsourcecode Online Discussion Forum. Manipulation of the ID argument in the /members/compose msg admin.php file can lead to SQL injection. The attack can ...
CVE-2025-10601
A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. Affected is an unknown function of the file /admin/index.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...
CVE-2025-10594 SourceCodester Online Student File Management System delete_student.php sql injection
A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/deletestudent.php. Executing manipulation of the argument studid can lead to sql injection. It is possible to launch the attack remotely...
itsourcecode E-Commerce Website 代码问题漏洞
itsourcecode E-Commerce Website is an e-commerce website by itsourcecode open source. A code issue vulnerability exists in version 1.0 of itsourcecode E-Commerce Website, which stems from an incorrect operation of the file /admin/products.php, which could lead to remote arbitrary file uploads...
CVE-2025-10424 1000projects Online Student Project Report Submission and Evaluation System faculty_controller.php unrestricted upload
A vulnerability was determined in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The affected element is an unknown function of the file /admin/controller/facultycontroller.php. This manipulation of the argument newimage causes unrestricted upload. The attack is...
CVE-2025-56630
FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...
CVE-2025-10121
CVE-2025-10121 affects uverif up to 3.2, with the vulnerability in the addbatch function of /admin/kami_list. Manipulating the note argument enables SQL injection, and remote exploitation is possible. The exploit has been published and may be used. Public sources (Red Hat, CISA ecosystem referenc...
CVE-2025-41037
Summary (CVE-2025-41037, appRain CMF): A stored authenticated XSS exists in appRain CMF version 4.0.5 due to insufficient validation of input in the parameter data[FileManager][search] at /apprain/admin/filemanager. The vulnerability stems from improper validation of user input, enabling injectio...
Beauty Parlour Management System edit-services.php File SQL Injection Vulnerability
Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in t...
CVE-2025-9919 1000projects Beauty Parlour Management System bwdates-reports-details.php sql injection
A vulnerability was identified in 1000projects Beauty Parlour Management System 1.0. This affects an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploi...
CVE-2025-9766
A vulnerability was found in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/facilitator.php. Performing manipulation of the argument code results in sql injection. Remote exploitation of the attack is possible. The exploit has been made...
CVE-2025-9765
A vulnerability has been found in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/tournamentdetails.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...
PT-2025-35726
Name of the Vulnerable Software and Affected Versions: phpgurukul Complaint Management System version 2.0 Description: The phpgurukul Complaint Management System is susceptible to a Cross Site Scripting XSS issue. This issue occurs in the admin/subcategory.php file through the categoryName...
CVE-2025-9831 PHPGurukul Beauty Parlour Management System edit-services.php sql injection
A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. This impacts an unknown function of the file /admin/edit-services.php. This manipulation of the argument sername causes sql injection. The attack is possible to be carried out remotely. The exploit has been made...
PT-2025-35611
Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.1 Description: A security flaw exists in PHPGurukul Beauty Parlour Management System 1.1. The issue is related to SQL injection within an unknown function of the...
itsourcecode Apartment Management System 安全漏洞
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in ddlBranch, a parameter of the Setting Handler component in file...
itsourcecode Sports Management System 安全漏洞
Sports Management System a sports management system. The Sports Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /Admin/resultdetails.php. An attacker can exploit this vulnerabili...