742 matches found
CVE-2025-40728
SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customersupport/manageuser.php endpoint...
CVE-2025-40655
CVE-2025-40655 describes a SQL injection in DM Corporative CMS exploitable through the name parameter of /antcatalogue.asp, enabling an attacker to retrieve, create, update, and delete data in the back-end database. The vulnerability is documented across multiple sources (NVD, Red Hat, CNVD/CNNVD...
CVE-2025-5840
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...
CVE-2025-5840
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...
CVE-2025-5840
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...
CVE-2025-5840 SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...
CVE-2025-5840 SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...
CVE-2025-5840
SourceCodester Client Database Management System 1.0 contains a vulnerability in the file /user_update_customer_order.php where the uploaded_file parameter can be manipulated to achieve unrestricted file upload. This remote-access flaw could allow an attacker to upload arbitrary files, potentiall...
PT-2025-24347 · Unknown · Sourcecodester Client Database Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0 Description: A critical vulnerability was found in the SourceCodester Client Database Management System. This issue affects an unknown part of the file /user update customer...
CVE-2025-5299
A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userordercustomerupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attack ca...
CVE-2025-5207
A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...
CVE-2025-5299
A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userordercustomerupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attack ca...
CVE-2025-5299 SourceCodester Client Database Management System user_order_customer_update.php unrestricted upload
A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userordercustomerupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attack ca...
CVE-2025-5299
CVE-2025-5299 affects SourceCodester Client Database Management System v1.0. The vulnerability is in the file /user_order_customer_update.php, where manipulating the argument uploaded_file_cancelled enables unrestricted file upload. Exploitation is possible remotely and exploits have been disclos...
CVE-2025-5207
A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...
CVE-2025-5207 SourceCodester Client Database Management System superadmin_update_profile.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...
CVE-2025-5207 SourceCodester Client Database Management System superadmin_update_profile.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...
CVE-2025-5207
CVE-2025-5207 affects SourceCodester Client Database Management System 1.0. The vulnerability is an SQL injection in the file /superadmin_update_profile.php triggered by manipulating the nickname/email parameters, potentially exploitable remotely. Multiple connected sources corroborate the issue’...
PT-2025-22937 · Unknown · Sourcecodester Client Database Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Client Database Management System. The issue affects an unknown functionality of the file /superadmin upda...
CVE-2024-7458
A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue affects some unknown processing of the file /api/deploy/upload /api/database/upload of the component Database Management/Deployment Management. The manipulation of the argument file leads to path traversa...