153 matches found
CVE-2026-4550 code-projects Simple Gym Management System func.php sql injection
A vulnerability has been found in code-projects Simple Gym Management System up to 1.0. This affects an unknown part of the file /gym/func.php. Such manipulation of the argument Trainerid/fname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...
CVE-2026-4550
CVE-2026-4550 affects code-projects’ Simple Gym Management System (
Code-Projects Simple Gym Management System SQL注入漏洞
Code-Projects Simple Gym Management System is an open-source gym management system developed by Code-Projects. Versions of Code-Projects Simple Gym Management System prior to 1.0 contained a SQL injection vulnerability. This vulnerability stemmed from incorrect operations with the parameters...
CVE-2026-3406
A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...
CVE-2026-3406
A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...
CVE-2026-3406
A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...
EUVD-2026-9139
A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...
CVE-2026-3406
A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...
CVE-2026-3406 projectworlds Online Art Gallery Shop Registration registration.php sql injection
A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack...
Projectworlds Online Art Gallery Shop SQL注入漏洞
Projectworlds Online Art Gallery Shop is an online art gallery store open sourced by Projectworlds. Version 1.0 of Projectworlds Online Art Gallery Shop has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter fname in the file admin/registration.php,...
PT-2026-20619
The WP Customer Reviews plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpcr3 fname' parameter in all versions up to, and including, 3.7.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2026-0570
A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Frontend/Feedback.php. Performing a manipulation of the argument fname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...
CVE-2026-0570
A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Frontend/Feedback.php. Performing a manipulation of the argument fname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...
CVE-2026-0570
A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Frontend/Feedback.php. Performing a manipulation of the argument fname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...
CVE-2026-0570
CVE-2026-0570 affects code-projects Online Music Site 1.0. The vulnerability is an SQL injection in /Frontend/Feedback.php caused by manipulation of the fname parameter. It can be exploited remotely, and the exploit has been publicly released. Remediation guidance from connected sources calls for...
CVE-2025-15211
A flaw has been found in code-projects Refugee Food Management System 1.0. Impacted is an unknown function of the file /home/refugee.php. Executing manipulation of the argument refNo/Fname/Lname/sex/age/contact/nationalitynid can lead to sql injection. The attack can be executed remotely. The...
Student Management System /edit_user.php File SQL Injection Vulnerability
Student Management System is a student management system. Student Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /edituser.php. The vulnerability can be exploited to...
CVE-2025-14226
A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...
CVE-2025-14226
A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...
CVE-2025-14226
A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...