CVE-2024-42718

CVE-2024-42718 affects Croogo CMS 4.0.7 and is a path-traversal vulnerability that allows remote attackers to read arbitrary files via a crafted value in the edit-file parameter. The issue is documented across multiple feeds (Red Hat, CIRCL, OSV, NVD, etc.) with the same description. The CVE entr...

CVE-2025-14889

A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/votersedit.php of the component Password Handler. Performing a manipulation of the argument ID results in improper authorization. The attack is...

Currency Exchange System /edit.php File SQL Injection Vulnerability

Currency Exchange System is a currency exchange system. The Currency Exchange System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of file /edit.php. An attacker can exploit this vulnerability to execute...

CVE-2025-14214

A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...

CVE-2025-14227

A security flaw has been discovered in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d958. This issue affects some unknown processing of the file /edit.php. The manipulation results in sql injection. The attack may be performed from remote. The exploit has been released to...

EUVD-2025-201696

A security flaw has been discovered in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d958. This issue affects some unknown processing of the file /edit.php. The manipulation results in sql injection. The attack may be performed from remote. The exploit has been released to...

CVE-2025-14215

A vulnerability was found in code-projects Currency Exchange System 1.0. This vulnerability affects unknown code of the file /edit.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2025-14215

A vulnerability was found in code-projects Currency Exchange System 1.0. This vulnerability affects unknown code of the file /edit.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2025-14215

The CVE-2025-14215 entry affects Currency Exchange System 1.0, specifically the /edit.php file where manipulating the ID parameter enables SQL injection. The vulnerability is remote and has public exploitation activity, with varied CVSS assessments (high/critical ranges) indicating potential impa...

CVE-2025-14214 itsourcecode Student Information System section_edit1.php sql injection

A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...

CVE-2025-13581

A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /scheduleedit1.php. Such manipulation of the argument scheduleid leads to sql injection. The attack may be launched remotely. The exploit is public...

CVE-2025-13581

A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /scheduleedit1.php. Such manipulation of the argument scheduleid leads to sql injection. The attack may be launched remotely. The exploit is public...

itsourcecode Student Information System SQL注入漏洞

itsourcecode Student Information System is an itsourcecode open source student information system. The SQL injection vulnerability exists in itsourcecode Student Information System version 1.0, which stems from an incorrect manipulation of the scheduleid parameter in the file /scheduleedit1.php,...

Courier Management System search-edit.php File SQL Injection Vulnerability

Courier Management System is a courier management system. Courier Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter Consignment in the file /search-edit.php. An attacker can exploit this...

EUVD-2025-197888

A vulnerability was determined in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /enrollmentedit1.php. Executing manipulation of the argument enid can lead to sql injection. The attack may be performed from remote. The exploit has been publicl...

EUVD-2025-197901

A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit has been publicly...

CVE-2025-13303 code-projects Courier Management System search-edit.php sql injection

A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit has been publicly...

CVE-2025-13303 code-projects Courier Management System search-edit.php sql injection

A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit has been publicly...

CVE-2025-13303

The CVE-2025-13303 entry concerns code-projects’ Courier Management System 1.0. Affected component: the file /search-edit.php, where manipulation of the Consignment parameter leads to SQL injection. Exploitation can be remote; multiple sources state the exploit has been publicly disclosed. No ven...

PT-2025-47211

Name of the Vulnerable Software and Affected Versions Courier Management System version 1.0 Description A SQL injection issue exists in the file /search-edit.php due to manipulation of the Consignment argument. This manipulation can be initiated remotely. The exploit has been publicly disclosed...