1478 matches found
CVE-2026-5551
A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...
CVE-2026-5555
The CVE-2026-5555 entry concerns code-projects Concert Ticket Reservation System 1.0, specifically an issue in the login.php file under the Parameter Handler. The vulnerability stems from manipulating the Email argument, enabling SQL injection. It is described as exploitable remotely and with a p...
CVE-2026-5555 code-projects Concert Ticket Reservation System Parameter login.php sql injection
A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...
PT-2026-30425
A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...
Code-Projects Concert Ticket Reservation System SQL注入漏洞
The Code-Projects Concert Ticket Reservation System is an open-source system for booking concert tickets. Version 1.0 of the Code-Projects Concert Ticket Reservation System has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter Email in the file...
CVE-2026-5180
A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2026-5180 SourceCodester Simple Doctors Appointment System ajax.php sql injection
A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
SourceCodester Simple Doctors Appointment System SQL注入漏洞
SourceCodester Simple Doctors Appointment System is an easy doctor appointment system developed under the open-source framework of SourceCodester. Version 1.0 of the SourceCodester Simple Doctors Appointment System has a SQL injection vulnerability. This vulnerability arises from incorrect handli...
CVE-2026-2442
The CVE-2026-2442 entry affects the Page Builder: Pagelayer WordPress plugin, with all versions up to and including 2.0.7. Root cause: Improper Neutralization of CRLF Sequences in the contact form handler, where attacker-controlled form fields undergo placeholder substitution and are then passed ...
EUVD-2018-21665
Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...
CVE-2018-25203
Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...
CVE-2018-25203
Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...
CVE-2018-25203 Online Store System CMS 1.0 SQL Injection via clientaccess
Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...
CVE-2018-25203 Online Store System CMS 1.0 SQL Injection via clientaccess
Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...
PT-2026-28240
Name of the Vulnerable Software and Affected Versions Online Store System CMS version 1.0 Description An SQL injection allows unauthenticated attackers to manipulate database queries. This is achieved by sending POST requests to the 'index.php' endpoint with the action parameter set to...
EUVD-2019-20022
Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with malicious email values in the forgottenpassword module to...
CVE-2019-25641
Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with malicious email values in the forgottenpassword module to...
CVE-2019-25641 Netartmedia Vlog System Lastest SQL Injection via email Parameter
Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with malicious email values in the forgottenpassword module to...
CVE-2019-25641
Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with malicious email values in the forgottenpassword module to...
CVE-2019-25641 Netartmedia Vlog System Lastest SQL Injection via email Parameter
Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with malicious email values in the forgottenpassword module to...