140 matches found
CVE-2026-5637 projectworlds Car Rental System Parameter message_admin.php sql injection
A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...
CVE-2025-69768
SQL Injection vulnerability in Chyrp v.2.5.2 and before allows a remote attacker to obtain sensitive information via the Admin.php component...
Chyrp 安全漏洞
Chyrp is a lightweight blog engine developed by Chyrp OpenSource. Versions of Chyrp 2.5.2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from an SQL injection vulnerability in the Admin.php component, which could allow remote attackers to obtain sensitive informatio...
CVE-2025-69768
The provided connected documents confirm a concrete vulnerability in Chyrp: SQL Injection in the Admin.php component affecting Chyrp v2.5.2 and earlier. The root cause is an SQLi flaw in Admin.php that could allow a remote attacker to obtain sensitive information. The CVSS details from the Initia...
CVE-2025-69768
SQL Injection vulnerability in Chyrp v.2.5.2 and before allows a remote attacker to obtain sensitive information via the Admin.php component...
PT-2026-25787
SQL Injection vulnerability in Chyrp v.2.5.2 and before allows a remote attacker to obtain sensitive information via the Admin.php component...
EUVD-2026-11546
A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file addadmin.php. Such manipulation leads to improper authorization. The attack may be launched remotely...
itsourcecode Society Management System SQL注入漏洞
itsourcecode Society Management System is an open-source social management system developed by itsourcecode. Version 1.0 of the itsourcecode Society Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the adminid parameter in the...
Fishing Reservation System SQL注入漏洞
The Fishing Reservation System is a fishing reservation system developed by Fishing Reservation Company. Version 7.5 of the Fishing Reservation System has a SQL injection vulnerability. This vulnerability stems from multiple remote SQL injection vulnerabilities present in the admin.php, cart.php,...
CVE-2021-47918
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application...
CVE-2021-47916
The EUVD entry EUVD-2021-34755 documents a vulnerability in Simple CMS 2.1: a remote SQL injection that lets an attacker inject unvalidated SQL via the users module, exploiting unvalidated input in admin.php to compromise the database management system and the web application. The connected docum...
CVE-2021-47916
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
PT-2026-5563
Name of the Vulnerable Software and Affected Versions Simple CMS version 2.1 Description The Simple CMS software contains a remote SQL injection issue. Privileged attackers can inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php...
Simple CMS SQL注入漏洞
Simple CMS is an open-source content management system developed using Simple PHP scripts. Version 2.1 of Simple CMS has a SQL injection vulnerability, which stems from unvalidated input parameters in the admin.php file, potentially leading to SQL injection attacks...
CVE-2026-0697
A flaw has been found in code-projects Intern Membership Management System 1.0. The impacted element is an unknown function of the file /intern/admin/editadmin.php. This manipulation of the argument adminid causes sql injection. The attack may be initiated remotely. The exploit has been published...
CVE-2026-0728 code-projects Intern Membership Management System delete_admin.php sql injection
A security vulnerability has been detected in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /intern/admin/deleteadmin.php. Such manipulation of the argument adminid leads to sql injection. The attack may be launched remotely. The...
CVE-2026-0700
A vulnerability was determined in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /intern/admin/checkadmin.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been...
CVE-2026-0697
A flaw has been found in code-projects Intern Membership Management System 1.0. The impacted element is an unknown function of the file /intern/admin/editadmin.php. This manipulation of the argument adminid causes sql injection. The attack may be initiated remotely. The exploit has been published...
CVE-2026-0697 code-projects Intern Membership Management System edit_admin.php sql injection
A flaw has been found in code-projects Intern Membership Management System 1.0. The impacted element is an unknown function of the file /intern/admin/editadmin.php. This manipulation of the argument adminid causes sql injection. The attack may be initiated remotely. The exploit has been published...
Code-Projects Intern Membership Management System SQL注入漏洞
Intern Membership Management System is an intern membership management system. The Intern Membership Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the parameter Username in the file /intern/admin/addadmin.php for externally entered SQL...