CVE-2018-25348

CVE-2018-25348 concerns the Joomla! extension Ek Rishta 2.10 , where an SQL injection vulnerability exists in the user_detail view through the cid parameter. Unauthenticated attackers can manipulate database queries by supplying malicious cid values, enabling extraction of sensitive information. ...

WordPress plugin WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The WordPres...

CVE-2026-5234

The LatePoint WordPress plugin (versions

EUVD-2026-21780

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2026-6151

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...

Code-Projects Vehicle Showroom Management System SQL注入漏洞

The Code-Projects Vehicle Showroom Management System is an open-source vehicle exhibition hall management system developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from improper handling...

Code-Projects Simple Gym Management System SQL注入漏洞

Code-Projects Simple Gym Management System is an open-source gym management system developed by Code-Projects. Version 1.0 of the Code-Projects Simple Gym Management System has a SQL injection vulnerability. This vulnerability arises from incorrect operations on parameters such as...

Code-Projects Online Appointment Booking System 注入漏洞

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System has a SQL injection vulnerability that originates from improper handling of the parameter cid in the file /admin/addclinic.php, no details of the vulnerability are available at this time...

Campcodes Sales and Inventory System 安全漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. A security vulnerability exists in Campcodes Sales and Inventory System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter cid in the file /pages/paymentadd.php...

CVE-2023-31939

SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomerid parameter at customeredit.php...

CVE-2022-47862

Lead Management System v1.0 is vulnerable to SQL Injection via the customerid parameter in ajaxrepresent.php...

WordPress Plugin Appointment Booking Calendar 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress Plugin WP ERP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

UBUNTU-CVE-2023-5421

An attacker who is logged into OTRS as an user with privileges to create and change customer user data may manipulate the CustomerID field to execute JavaScript code that runs immediatly after the data is saved.The issue onlyoccurs if the configuration for AdminCustomerUser::UseAutoComplete was...

Canteen Management System SQL注入漏洞

Canteen Management System is a cafeteria management system by Mayuri K. Individual developer. A security vulnerability exists in Canteen Management System that stems from an incorrect manipulation of the parameter customerid resulting in sql injection...

CVE-2022-40114

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the custid parameter at /net-banking/editcustomer.php...

PT-2020-9881 · Fasttrack · Fasttrack Admin By Request

Name of the Vulnerable Software and Affected Versions: FastTrack Admin By Request version 6.1.0.0 Description: The issue concerns the elevation of privileges to Administrator level. Normally, group policies restrict this ability to a select range of users. However, when a user without direct acce...

DEBIAN-CVE-2009-5055

Open Ticket Request System OTRS before 2.4.4 grants ticket access on the basis of single-digit substrings of the CustomerID value, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by visiting a ticket, as demonstrated by leveraging the...

CVE-2009-5055

Open Ticket Request System OTRS before 2.4.4 grants ticket access on the basis of single-digit substrings of the CustomerID value, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by visiting a ticket, as demonstrated by leveraging the...