Code-Projects Online Food Ordering System 代码注入漏洞

The Code-Projects Online Food Ordering System is an open-source online ordering system developed by Code-Projects. Version 1.0 of the Code-Projects Online Food Ordering System contains a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter “Name” in the...

CVE-2022-27420

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the patientcontact parameter in patientsearch.php...

CVE-2025-15211

A flaw has been found in code-projects Refugee Food Management System 1.0. Impacted is an unknown function of the file /home/refugee.php. Executing manipulation of the argument refNo/Fname/Lname/sex/age/contact/nationalitynid can lead to sql injection. The attack can be executed remotely. The...

CVE-2025-11469

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/savecustomer.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-11469 SourceCodester Hotel and Lodge Management System save_customer.php sql injection

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/savecustomer.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-11469

SourceCodester Hotel and Lodge Management System 1.0 contains a SQL injection flaw in /pages/save_customer.php caused by manipulation of the Contact parameter. It is exploitable remotely and publicly available, with potential high impact (as per CVSS data). No patch/version remediation details ar...

PT-2025-41242

Name of the Vulnerable Software and Affected Versions SourceCodester Hotel and Lodge Management System version 1.0 Description A flaw exists in SourceCodester Hotel and Lodge Management System 1.0. Manipulation of the Contact argument in an unknown function within the /pages/save customer.php fil...

EUVD-2018-16860

Malware in sbrugna...

EUVD-2008-4103

Malware in sbrugna...

EUVD-2025-31742

Malicious code in bioql PyPI...

EUVD-2025-27104

Malicious code in bioql PyPI...

CVE-2025-28016

A Reflected Cross-Site Scripting XSS vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the fname, lname, and contact parameters...

CVE-2025-28016

A Reflected Cross-Site Scripting XSS vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the fname, lname, and contact parameters...

CVE-2025-28016

A Reflected Cross-Site Scripting XSS vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the fname, lname, and contact parameters...

CVE-2025-28016

A Reflected Cross-Site Scripting XSS vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the fname, lname, and contact parameters...

CVE-2025-28016

The CVE-2025-28016 entry concerns the PHPGurukul User Registration & Login and User Management System v3.3. A Reflected Cross-Site Scripting (XSS) vulnerability exists in loginsystem/edit-profile.php, allowing remote attackers to execute arbitrary JavaScript via the fname, lname, and contact para...

PT-2025-39993

Name of the Vulnerable Software and Affected Versions PHPGurukul User Registration & Login and User Management System version 3.3 Description A Reflected Cross-Site Scripting XSS issue exists in the loginsystem/edit-profile.php file. This allows remote attackers to execute arbitrary JavaScript co...

CVE-2025-10079

CVE-2025-10079 affects PHPGurukul Small CRM 4.0. The vulnerability is in the file /get-quote.php where manipulation of the contact parameter (Contact) enables a SQL injection. The issue can be exploited remotely, with exploit activity described as published and potentially usable in the wild. Doc...

PHPGurukul Small CRM SQL注入漏洞

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability, which originates from the /get-quote.php file, which does not perform security filtering on the Contact parameter. An attacker can exploit this vulnerability to illegally manipulate the...

PT-2025-36427

Name of the Vulnerable Software and Affected Versions: PHPGurukul Small CRM version 4.0 Description: A SQL injection flaw exists in PHPGurukul Small CRM version 4.0. The issue is located in the /get-quote.php file, where manipulation of the Contact argument can lead to SQL injection. This attack...