Lucene search

238 matches found

CNNVD
added 2025/09/01 12:0 a.m., 2 views

itsourcecode Sports Management System Security Vulnerability

Sports Management System is a sports management system. The Sports Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter code in the file /Admin/mode.php. An attacker can exploit this vulnerability...

9.8 CVSS, 7 AI score, 0.00064 EPSS
Exploits: 1, References: 7
NVD
added 2025/08/27 2:15 p.m., 2 views

CVE-2025-9531

A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/agenda.php of the component Agenda Module. Performing manipulation of the argument codagenda results in sql injection. It is possible to initiate the attack remotely. The exploit...

8.8 CVSS, 0.00059 EPSS
Exploits: 1, References: 5
Cvelist
added 2025/08/27 1:32 p.m., 8 views

CVE-2025-9531 Portabilis i-Educar Agenda agenda.php sql injection

A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/agenda.php of the component Agenda Module. Performing manipulation of the argument codagenda results in sql injection. It is possible to initiate the attack remotely. The exploit...

6.5 CVSS, 0.00059 EPSS
Exploits: 1, References: 5
CNNVD
added 2025/08/25 12:0 a.m., 1 view

UTCMS Security Vulnerability

UTCMS is a content management system built on the UT framework by the individual developer of usaltool. A security vulnerability exists in UTCMS version 9, which stems from an improper comparison of the code parameter in the file app/modules/ut-frame/admin/login.php...

6.3 CVSS, 5 AI score, 0.00055 EPSS
Exploits: 0, References: 5
CNNVD
added 2025/08/19 12:0 a.m., 2 views

itsourcecode Sports Management System Injection Vulnerability

Sports Management System is a sports management system. The Sports Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter code in the file /Admin/sports.php. An attacker can exploit this vulnerabili...

9.8 CVSS, 7.9 AI score, 0.00066 EPSS
Exploits: 1, References: 7
NVD
added 2025/08/14 9:15 p.m., 2 views

CVE-2025-8982

A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument currcode leads to sql injection. The attack can be initiated remotely. The exploit has...

9.8 CVSS, 0.00072 EPSS
Exploits: 1, References: 5
CVE
added 2025/08/14 8:32 p.m., 13 views

CVE-2025-8982

The CVE affects itsourcecode Online Tour and Travel Management System 1.0, specifically the /admin/operations/currency.php file. The vulnerability arises from unsafely handling the curr_code parameter, enabling SQL injection. It is exploitable remotely, and public exploit disclosure exists. Multi...

9.8 CVSS, 7.8 AI score, 0.00072 EPSS
Exploits: 1, References: 5, Affected Software: 1
CNVD
added 2025/07/21 12:0 a.m., 3 views

Dairy Farm Shop Management System edit-category.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter categorycode in the file...

8.8 CVSS, 7.1 AI score, 0.00205 EPSS
Exploits: 1, References: 1
Hacker One
added 2025/07/16 8:50 a.m., 8 views

Tucows (VDP): Business Logic Error – Bypass of OTP Verification During Signup on hover.com

The Business Logic Error – Bypass of OTP Verification During Signup on hover.com was a vulnerability that allowed an attacker to register an account on www.hover.com using any email address without passing the required OTP verification. The vulnerability was caused by the ability to omit the code...

7.1 AI score
Exploits: 0
OSV
added 2025/07/14 9:15 a.m., 1 view

CVE-2025-7590

A vulnerability, which was classified as critical, has been found in PHPGurukul Dairy Farm Shop Management System 1.3. This issue affects some unknown processing of the file edit-category.php. The manipulation of the argument categorycode leads to sql injection. The attack may be initiated...

8.8 CVSS, 5.8 AI score
Exploits: 0, References: 5
CNVD
added 2025/06/27 12:0 a.m., 2 views

Simple Pizza Ordering System cashconfirm.php File SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter transactioncode in the file /cashconfirm.php. The vulnerability can ...

9.8 CVSS, 8 AI score, 0.00204 EPSS
Exploits: 1, References: 1
OSV
added 2025/06/20 4:15 a.m., 0 views

CVE-2025-6305

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been classified as critical. This affects an unknown part of the file /admin/adminfeature.php. The manipulation of the argument productcode leads to sql injection. It is possible to initiate the attack remotely. The exploit...

9.8 CVSS, 5.8 AI score
Exploits: 0, References: 5
CNNVD
added 2025/06/20 12:0 a.m., 1 view

code-projects Online Shoe Store Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter productcode in the file /admin/adminfeature.php. An attacker can exploit this...

9.8 CVSS, 8.2 AI score, 0.00204 EPSS
Exploits: 1, References: 5
OSV
added 2025/06/10 10:15 a.m., 0 views

CVE-2025-40656

A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the cod parameter in /administer/node-selection/data.asp...

9.8 CVSS, 5.7 AI score
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 7:48 a.m., 3 views

CVE-2024-40536

Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 were discovered to contain a stack overflow via the pin3gcode parameter in the config3gpara function...

5.3 CVSS, 8 AI score, 0.00214 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2025/05/23 3:4 a.m., 1 view

CVE-2023-2037

A vulnerability was found in Campcodes Video Sharing Website 1.0. It has been classified as critical. This affects an unknown part of the file watch.php. The manipulation of the argument code leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...

9.8 CVSS, 8.1 AI score, 0.00411 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 11:51 p.m., 4 views

CVE-2022-22881

Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /sys/user/queryUserComponentData...

9.8 CVSS, 8.3 AI score, 0.01031 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 3:23 p.m., 4 views

CVE-2020-25875

A stored cross-site scripting (XSS) vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter...

5.4 CVSS, 5.5 AI score, 0.00287 EPSS
Exploits: 1
RedhatCVE
added 2025/05/22 10:35 a.m., 6 views

CVE-2019-16759

vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfigcode parameter in an ajax/render/widgetphp routestring request...

9.8 CVSS, 7.4 AI score, 0.9443 EPSS
Exploits: 27, References: 1
CNNVD
added 2025/05/09 12:0 a.m., 1 view

Code-Projects Departmental Store Management System Security Vulnerability

Code-Projects Departmental Store Management System is an open source departmental store management system from Code-Projects. A security vulnerability exists in Code-Projects Departmental Store Management System version 1.0, which is caused by a stack-based buffer overflow due to the operation of...

7.8 CVSS, 5.8 AI score, 0.00081 EPSS
Exploits: 1, References: 6