22 matches found
CVE-2026-39110
SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...
CVE-2026-39110
SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...
CVE-2026-39110
The CVE-2026-39110 entry concerns the Apartment Visitors Management System (Version 1.1). A SQL Injection flaw exists in the forgot-password.php page, specifically in the contactno parameter, allowing an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...
CVE-2026-39110
SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...
Online Shopping Portal login.php File SQL Injection Vulnerability
Online Shopping Portal is an online store system. A SQL injection vulnerability exists in Online Shopping Portal due to a lack of validation of externally-entered SQL statements for the fullname, emailid, and contactno parameters in login.php. An attacker can exploit this vulnerability to execute...
CVE-2024-44660
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php...
CVE-2024-44660
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php...
PHPGurukul Online Shopping Portal 安全漏洞
Online Shopping Portal is an online store system. A SQL injection vulnerability exists in Online Shopping Portal due to a lack of validation of externally-entered SQL statements for the fullname, emailid, and contactno parameters in login.php. An attacker can exploit this vulnerability to execute...
PT-2025-47197
Name of the Vulnerable Software and Affected Versions PHPGurukul Online Shopping Portal version 2.0 Description The PHPGurukul Online Shopping Portal version 2.0 is susceptible to SQL Injection. This issue affects the login.php file and specifically involves the fullname, emailid, and contactno...
Apartment Visitors Management System contactno Parameter SQL Injection Vulnerability
Apartment Visitors Management System is an apartment visitor management system. The Apartment Visitors Management System suffers from a SQL injection vulnerability that stems from a lack of validation of the contactno parameter against externally entered SQL statements. An attacker can use this...
PHPGurukul Apartment Visitors Management System 注入漏洞
Apartment Visitors Management System is an apartment visitor management system. The Apartment Visitors Management System suffers from a SQL injection vulnerability that stems from a lack of validation of the contactno parameter against externally entered SQL statements. An attacker can use this...
PT-2025-7089 · Unknown · Phpgurukul Land Record System
Name of the Vulnerable Software and Affected Versions: Phpgurukul Land Record System version 1.0 Description: A SQL Injection issue was found in the /admin/forgot-password.php endpoint, allowing remote attackers to execute arbitrary code via the contactno POST request parameter. This enables...
CVE-2025-25389
CVE-2025-25389 is a SQL Injection vulnerability in Phpgurukul Land Record System v1.0, exploitable via the /admin/forgot-password.php endpoint and the contactno POST parameter. The issue allows remote attackers to execute arbitrary code and has a CVSSv3.1 base score of 9.8 (CRITICAL) with network...
CVE-2024-53603
A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter...
CVE-2024-42918
itsourcecode Online Accreditation Management System contains a Cross Site Scripting vulnerability, which allows an attacker to execute arbitrary code via a crafted payload to the SCHOOLNAME, EMAILADDRES, CONTACTNO, COMPANYNAME and COMPANYCONTACTNO parameters in controller.php...
PT-2023-26606 · Unknown · Campcodes Beauty Salon Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Beauty Salon Management System version 1.0 Description: A critical vulnerability was found in the system, affecting an unknown functionality of the file /admin/forgot-password.php. The manipulation of the contactno argument leads to...
PT-2023-26611 · Unknown · Campcodes Beauty Salon Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Beauty Salon Management System version 1.0 Description: A critical issue has been found in the system, affecting some unknown functionality of the file /admin/edit-accepted-appointment.php. The manipulation of the contactno argument...
Campcodes Beauty Salon Management System SQL注入漏洞
Campcodes Beauty Salon Management System is a beauty salon management system from Campcodes. A SQL injection vulnerability exists in Campcodes Beauty Salon Management System version 1.0, which originates from an unknown function in /admin/forgot-password.php, which causes a sql injection via the...
Campcodes Beauty Salon Management System SQL注入漏洞
Campcodes Beauty Salon Management System is a beauty salon management system from Campcodes. A SQL injection vulnerability exists in Campcodes Beauty Salon Management System version 1.0, which originates from an unknown function in /admin/edit-accepted-appointment.php, which results in a sql...
Sql injection
Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection vulnerabilities via the email and contactno parameters...