Lucene search
K

1478 matches found

NVD
NVD
added 2026/04/05 9:16 a.m.6 views

CVE-2026-5551

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

7.5CVSS0.00259EPSS
Exploits0References5
CVE
CVE
added 2026/04/05 9:15 a.m.8 views

CVE-2026-5555

The CVE-2026-5555 entry concerns code-projects Concert Ticket Reservation System 1.0, specifically an issue in the login.php file under the Parameter Handler. The vulnerability stems from manipulating the Email argument, enabling SQL injection. It is described as exploitable remotely and with a p...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/05 9:15 a.m.3 views

CVE-2026-5555 code-projects Concert Ticket Reservation System Parameter login.php sql injection

A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.6 views

PT-2026-30425

A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.9 views

Code-Projects Concert Ticket Reservation System SQL注入漏洞

The Code-Projects Concert Ticket Reservation System is an open-source system for booking concert tickets. Version 1.0 of the Code-Projects Concert Ticket Reservation System has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter Email in the file...

7.5CVSS7.2AI score0.00259EPSS
Exploits0References5
NVD
NVD
added 2026/03/31 5:16 a.m.4 views

CVE-2026-5180

A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS0.00325EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/31 4:0 a.m.30 views

CVE-2026-5180 SourceCodester Simple Doctors Appointment System ajax.php sql injection

A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS0.00325EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.10 views

SourceCodester Simple Doctors Appointment System SQL注入漏洞

SourceCodester Simple Doctors Appointment System is an easy doctor appointment system developed under the open-source framework of SourceCodester. Version 1.0 of the SourceCodester Simple Doctors Appointment System has a SQL injection vulnerability. This vulnerability arises from incorrect handli...

7.5CVSS7.2AI score0.00325EPSS
Exploits0References5
CVE
CVE
added 2026/03/28 9:27 a.m.17 views

CVE-2026-2442

The CVE-2026-2442 entry affects the Page Builder: Pagelayer WordPress plugin, with all versions up to and including 2.0.7. Root cause: Improper Neutralization of CRLF Sequences in the contact form handler, where attacker-controlled form fields undergo placeholder substitution and are then passed ...

5.3CVSS6AI score0.00297EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/26 12:30 p.m.5 views

EUVD-2018-21665

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

8.8CVSS6AI score0.00334EPSS
Exploits0References4
NVD
NVD
added 2026/03/26 12:16 p.m.4 views

CVE-2018-25203

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

8.8CVSS0.00334EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/26 11:39 a.m.3 views

CVE-2018-25203

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

8.8CVSS6AI score0.00334EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/26 11:39 a.m.26 views

CVE-2018-25203 Online Store System CMS 1.0 SQL Injection via clientaccess

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

8.8CVSS0.00334EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/26 11:39 a.m.7 views

CVE-2018-25203 Online Store System CMS 1.0 SQL Injection via clientaccess

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

8.8CVSS6AI score0.00334EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.6 views

PT-2026-28240

Name of the Vulnerable Software and Affected Versions Online Store System CMS version 1.0 Description An SQL injection allows unauthenticated attackers to manipulate database queries. This is achieved by sending POST requests to the 'index.php' endpoint with the action parameter set to...

8.8CVSS5.9AI score0.00334EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/24 12:30 p.m.3 views

EUVD-2019-20022

Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with malicious email values in the forgottenpassword module to...

8.8CVSS6AI score0.00267EPSS
Exploits0References4
NVD
NVD
added 2026/03/24 12:16 p.m.5 views

CVE-2019-25641

Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with malicious email values in the forgottenpassword module to...

8.8CVSS0.00267EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/24 11:27 a.m.19 views

CVE-2019-25641 Netartmedia Vlog System Lastest SQL Injection via email Parameter

Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with malicious email values in the forgottenpassword module to...

8.8CVSS0.00267EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/24 11:27 a.m.3 views

CVE-2019-25641

Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with malicious email values in the forgottenpassword module to...

8.8CVSS6AI score0.00267EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/24 11:27 a.m.3 views

CVE-2019-25641 Netartmedia Vlog System Lastest SQL Injection via email Parameter

Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with malicious email values in the forgottenpassword module to...

8.8CVSS6AI score0.00267EPSS
Exploits0References3
Rows per page
Query Builder