CVE-2026-39110

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...

CVE-2024-44660

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php...

EUVD-2021-32810

Malicious code in bioql PyPI...

EUVD-2024-22543

Malicious code in bioql PyPI...

PHPGurukul Complaint Management System 安全漏洞

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements for the fullname, email, and contactno parameters in user/registration.php. An...

CVE-2024-25207

Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the Add Resident function at /barangay-population-monitoring-system/masterlist.php. This vulnerabiity allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

Park Ticketing Management System /forgot-password.php File SQL Injection Vulnerability

Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter email/contactno in the file /forgot-password.php. A...

Zoo Management System /admin/profile.php File SQL Injection Vulnerability

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter contactnumber in the file /admin/profile.php. An attacker can exploit this...

PT-2025-21832 · Unknown · Phpgurukul Beauty Parlour Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.1 Description: A critical vulnerability was found in the PHPGurukul Beauty Parlour Management System. The issue affects an unknown functionality of the file /admin/admin-profile.php. The...

PHPGurukul Park Ticketing Management System 注入漏洞

Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter email/contactno in the file /forgot-password.php. A...

COVID19 Testing Management System password-recovery.php File SQL Injection Vulnerability

The COVID19 Testing Management System is a new crown pneumonia testing management system. COVID19 Testing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter contactno in the file...

e-Diary Management System password-recovery.php File SQL Injection Vulnerability

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from a missing validation of externally entered SQL statements in the parameter username/contactno of the password-recovery.php file. An...

Art Gallery Management System admin-profile.php File SQL Injection Vulnerability

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter contactnumber of /admin/admin-profile.php. An attacker can...

PHPGurukul Art Gallery Management System 注入漏洞

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter contactnumber of /admin/admin-profile.php. An attacker can...

CVE-2025-25354

A SQL Injection was found in /admin/admin-profile.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactnumber POST request parameter...

CVE-2025-25389

A SQL Injection vulnerability was found in /admin/forgot-password.php in Phpgurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter...

Cross site scripting

Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the Add Resident function at /barangay-population-monitoring-system/masterlist.php. This vulnerabiity allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2024-25207

Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the Add Resident function at /barangay-population-monitoring-system/masterlist.php. This vulnerabiity allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2024-25207

Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the Add Resident function at /barangay-population-monitoring-system/masterlist.php. This vulnerabiity allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

PT-2024-20816 · Unknown · Barangay Population Monitoring System

Name of the Vulnerable Software and Affected Versions: Barangay Population Monitoring System version 1.0 Description: The system contains a cross-site scripting XSS vulnerability in the Add Resident function at "/barangay-population-monitoring-system/masterlist.php". This issue allows attackers t...