Lucene search
K

153 matches found

Cvelist
Cvelist
added 2026/03/22 1:47 p.m.39 views

CVE-2026-4550 code-projects Simple Gym Management System func.php sql injection

A vulnerability has been found in code-projects Simple Gym Management System up to 1.0. This affects an unknown part of the file /gym/func.php. Such manipulation of the argument Trainerid/fname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...

5.8CVSS0.00263EPSS
Exploits0References7
CVE
CVE
added 2026/03/22 1:47 p.m.18 views

CVE-2026-4550

CVE-2026-4550 affects code-projects’ Simple Gym Management System (

5.8CVSS5.7AI score0.00263EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/03/22 12:0 a.m.8 views

Code-Projects Simple Gym Management System SQL注入漏洞

Code-Projects Simple Gym Management System is an open-source gym management system developed by Code-Projects. Versions of Code-Projects Simple Gym Management System prior to 1.0 contained a SQL injection vulnerability. This vulnerability stemmed from incorrect operations with the parameters...

5.8CVSS5.9AI score0.00263EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/03/03 7:42 a.m.11 views

CVE-2026-3406

A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...

9.8CVSS5.7AI score0.00333EPSS
Exploits1References1
NVD
NVD
added 2026/03/02 3:16 a.m.9 views

CVE-2026-3406

A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...

9.8CVSS0.00333EPSS
Exploits1References4
OSV
OSV
added 2026/03/02 3:16 a.m.4 views

CVE-2026-3406

A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...

9.8CVSS5.7AI score0.00333EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/02 2:32 a.m.7 views

EUVD-2026-9139

A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...

7.5CVSS6.8AI score0.00333EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/02 2:32 a.m.9 views

CVE-2026-3406

A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...

9.8CVSS5.7AI score0.00333EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/02 2:32 a.m.7 views

CVE-2026-3406 projectworlds Online Art Gallery Shop Registration registration.php sql injection

A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...

7.5CVSS6.8AI score0.00333EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.6 views

Projectworlds Online Art Gallery Shop SQL注入漏洞

Projectworlds Online Art Gallery Shop is an online art gallery store open sourced by Projectworlds. Version 1.0 of Projectworlds Online Art Gallery Shop has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter fname in the file admin/registration.php,...

9.8CVSS7.2AI score0.00333EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.9 views

PT-2026-20619

The WP Customer Reviews plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpcr3 fname' parameter in all versions up to, and including, 3.7.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS5.8AI score0.00255EPSS
Exploits0References7
NVD
NVD
added 2026/01/02 7:15 p.m.11 views

CVE-2026-0570

A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Frontend/Feedback.php. Performing a manipulation of the argument fname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...

9.8CVSS0.00385EPSS
Exploits1References5
OSV
OSV
added 2026/01/02 7:15 p.m.5 views

CVE-2026-0570

A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Frontend/Feedback.php. Performing a manipulation of the argument fname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...

9.8CVSS5.8AI score0.00385EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/02 7:2 p.m.5 views

CVE-2026-0570

A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Frontend/Feedback.php. Performing a manipulation of the argument fname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...

9.8CVSS7.2AI score0.00385EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/01/02 7:2 p.m.18 views

CVE-2026-0570

CVE-2026-0570 affects code-projects Online Music Site 1.0. The vulnerability is an SQL injection in /Frontend/Feedback.php caused by manipulation of the fname parameter. It can be exploited remotely, and the exploit has been publicly released. Remediation guidance from connected sources calls for...

9.8CVSS7.2AI score0.00385EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/12/30 1:15 a.m.5 views

CVE-2025-15211

A flaw has been found in code-projects Refugee Food Management System 1.0. Impacted is an unknown function of the file /home/refugee.php. Executing manipulation of the argument refNo/Fname/Lname/sex/age/contact/nationalitynid can lead to sql injection. The attack can be executed remotely. The...

9.8CVSS0.00315EPSS
Exploits1References5
CNVD
CNVD
added 2025/12/10 12:0 a.m.4 views

Student Management System /edit_user.php File SQL Injection Vulnerability

Student Management System is a student management system. Student Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /edituser.php. The vulnerability can be exploited to...

9.8CVSS8.3AI score0.00339EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/09 9:33 a.m.14 views

CVE-2025-14226

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

9.8CVSS7.5AI score0.00339EPSS
Exploits1References1
OSV
OSV
added 2025/12/08 10:16 a.m.8 views

CVE-2025-14226

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

9.8CVSS5.8AI score0.00339EPSS
Exploits1References5
NVD
NVD
added 2025/12/08 10:16 a.m.5 views

CVE-2025-14226

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

9.8CVSS0.00339EPSS
Exploits1References5
Rows per page
Query Builder