CVE-2025-67147

Multiple SQL Injection vulnerabilities exist in amansuryawanshi Gym-Management-System-PHP 1.0 via the 'name', 'email', and 'comment' parameters in 1 submitcontact.php, the 'username' and 'passkey' parameters in 2 securelogin.php, and the 'loginid', 'pwfield', and 'loginkey' parameters in 3...

PHPGurukul Student Record System 安全漏洞

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from a lack of validation of the currentpassword parameter in change-password.php against an externally entered SQL statement. An attacker can exploit this vulnerability to...

EUVD-2024-55083

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the currentpassword parameter in change-password.php...

EUVD-2025-12634

Malicious code in bioql PyPI...

EUVD-2024-16158

Malicious code in bioql PyPI...

CVE-2025-8931

A vulnerability was determined in code-projects Medical Store Management System 1.0. Affected is an unknown function of the file ChangePassword.java. The manipulation of the argument newPassTxt leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to...

CVE-2025-8931 code-projects Medical Store Management System ChangePassword.java sql injection

A vulnerability was determined in code-projects Medical Store Management System 1.0. Affected is an unknown function of the file ChangePassword.java. The manipulation of the argument newPassTxt leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to...

CVE-2025-8931

CVE-2025-8931 affects code-projects Medical Store Management System 1.0. The vulnerability is a SQL injection in ChangePassword.java, caused by unsafely using the newPassTxt parameter. It can be exploited remotely, and public disclosures exist. Documented impact is SQL data access/editability; ho...

CVE-2025-5226 PHPGurukul Small CRM change-password.php sql injection

A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-password.php. The manipulation of the argument oldpass leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-5226 PHPGurukul Small CRM change-password.php sql injection

A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-password.php. The manipulation of the argument oldpass leads to sql injection. The attack can be initiated remotely. The exploit has been...

SourceCodester Stock Management System 注入漏洞

SourceCodester Stock Management System is a SourceCodester open source inventory management system. An injection vulnerability exists in SourceCodester Stock Management System version 1.0, which originates from an SQL injection caused by the operation of the parameter userid in the file...

Student Record System change-password.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter currentpassword in the file /change-password.php. An attacker can exploit this...

Hostel Management System change-password.php File Session Hijacking Vulnerability

Hostel Management System is a hostel management system. Hostel Management System has a session hijacking vulnerability that stems from improper handling of session data in the file /hostel/change-password.php, no details of the vulnerability are available at this time...

PHPGurukul Men Salon Management System 注入漏洞

PHPGurukul Men Salon Management System is a men's salon management system from PHPGurukul. An injection vulnerability exists in version 2.0 of the PHPGurukul Men Salon Management System, which originates from a SQL injection attack due to a misuse of the file /admin/change-password.php...

CVE-2025-45947

An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary code via the /obbs/change-password.php file of the My Account - Change Password component...

CVE-2025-3822

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file changepassword.php. The manipulation of the argument txtconfirmpassword/txtnewpassword/txtoldpassword leads to cro...

Unspecified Vulnerability in Online Library Management System (CNVD-2025-21692)

Online Library Management System is an online library management system. A security vulnerability exists in the Online Library Management System, which originates from improper manipulation of the email/phone number parameter in the /change-password.php file, and can be exploited by an attacker t...

CVE-2025-2093 PHPGurukul Online Library Management System change-password.php password recovery

A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /change-password.php. The manipulation of the argument email/phone number leads to weak password recovery. The...

PT-2024-16082 · Code Projects · Hospital Management System

Name of the Vulnerable Software and Affected Versions: code-projects Hospital Management System version 1.0 Description: A critical vulnerability was found in the Hospital Management System, affecting unknown code of the file change-password.php. The manipulation of the argument cpass leads to SQ...

PT-2024-36488 · Unknown · Itsourcecode Online Blood Bank Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Blood Bank Management System version 1.0 Description: A critical issue affects some unknown functionality of the file changepwd.php. The manipulation of the useremail argument leads to sql injection. The attack may be...