1308 matches found
Library System approve.php File SQL Injection Vulnerability
Library System is a library system. Library System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ID of the file /approve.php. An attacker can exploit this vulnerability to execute illegal SQL commands to ste...
Code-Projects Church Donation System Injection Vulnerability
The Church Donation System is a system of church giving. The Church Donation System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter trcode in the file /members/offering.php. An attacker can exploit this...
Job Diary view-details.php file SQL Injection Vulnerability
Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that stems from an error in the parameter jobid in the file /view-details.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL...
Vehicle Parking Management System print.php File SQL Injection Vulnerability
Vehicle Parking Management System is a parking management system. Vehicle Parking Management System suffers from a SQL injection vulnerability that stems from an error in the parameter vid in the file /users/print.php that lacks validation of externally entered SQL statements. An attacker can...
Modern Bag product-detail.php file SQL Injection Vulnerability
Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter ID in the file /product-detail.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal S...
CVE-2025-7751
A vulnerability has been found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/addclinic.php. The manipulation of the argument cid leads to sql injection. The attack can be launched...
WordPress plugin Torod SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. WordPress Torod suffers from a SQL injection vulnerability that stems from improper handling of special elements of SQL commands, which can be exploited by an attacker to...
Riverbed SteelCentral NetProfiler Security Vulnerability
Riverbed SteelCentral NetProfiler is a network performance management software from Riverbed, USA. A security vulnerability exists in Riverbed SteelCentral NetProfiler version 10.8.7 that stems from SQL injection and command injection and could lead to remote code execution...
CVE-2025-7608
A vulnerability, which was classified as critical, was found in code-projects Simple Shopping Cart 1.0. Affected is an unknown function of the file /userlogin.php. The manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
ExpressionEngine: SQL injection in structure plugin
An SQL injection flaw was discovered in ExpressionEngine's Structure plugin. User input from the channelids parameter was passed directly into SQL queries without proper sanitization. The vulnerability required admin panel access...
CVE-2025-7514
A vulnerability was found in code-projects Modern Bag 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/contact-list.php. The manipulation of the argument idStatus leads to sql injection. The attack may be launched remotely. The exploit ha...
Code-Projects Modern Bag Injection Vulnerability
Code-Projects Modern Bag is an online management system from Code-Projects open source. An injection vulnerability exists in Code-Projects Modern Bag version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter idSlide in the file /admin/slide.php...
Bykea: MongoDB Query Logs & Schema Leak via Unauthenticated Endpoint
An unauthenticated health check endpoint was discovered that exposed basic system and infrastructure details...
Code-Projects Modern Bag Injection Vulnerability
Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter proId in file /action.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL comman...
Code-Projects Responsive Blog Site Injection Vulnerability
Code-Projects Responsive Blog Site is a responsive blog site from Code-Projects open source. Code-Projects Responsive Blog Site version 1.0 suffers from an injection vulnerability that stems from SQL injection due to incorrect manipulation of the parameter ID in the file /category.php...
Code-Projects E-Commerce Site Security Vulnerability
Code-Projects E-Commerce Site is an e-commerce site of Code-Projects open source. A security vulnerability exists in version 1.0 of the code-projects Library System, which stems from improper manipulation of the parameter idn in the file /teacher-issue-book.php, which could lead to an SQL injecti...
Library System profile.php File SQL Injection Vulnerability
Library System is a library system. The Library System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter phone in the file /profile.php. An attacker can exploit this vulnerability to execute illegal SQL...
PHPGurukul Zoo Management System Injection Vulnerability
Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter viewid in file /admin/view-normal-ticket.php. An attacker can exploit this...
Code-Projects Daily Expense Manager SQL Injection Vulnerability
Daily Expense Manager is a daily expense management system. Daily Expense Manager suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements for the parameters pname, pprice, and id in the file /update.php. No details of the vulnerabilit...
Inventory Management System orders.php File SQL Injection Vulnerability
Inventory Management System is an inventory management system. The Inventory Management System suffers from a SQL injection vulnerability that originates from a parameter i in the file /orders.php that is not securely filtered. An attacker can exploit this vulnerability by remotely injecting...