Lucene search
K

153 matches found

NVD
NVD
added 2025/09/14 9:15 p.m.5 views

CVE-2025-10409

A weakness has been identified in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /rms.php?page=users. Executing manipulation of the argument fname can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public...

8.8CVSS0.00309EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/14 8:32 p.m.10 views

CVE-2025-10409 SourceCodester Student Grading System rms.php sql injection

A weakness has been identified in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /rms.php?page=users. Executing manipulation of the argument fname can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public...

6.5CVSS0.00309EPSS
Exploits1References5
CVE
CVE
added 2025/09/14 8:32 p.m.19 views

CVE-2025-10409

CVE-2025-10409 concerns a SQL injection vulnerability in SourceCodester Student Grading System 1.0, arising from manipulation of the fname parameter in /rms.php?page=users. The flaw allows remote attackers to execute arbitrary SQL; exploitation is public and the attack surface includes the affect...

8.8CVSS6.4AI score0.00309EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/14 12:0 a.m.4 views

PT-2025-37429

Name of the Vulnerable Software and Affected Versions: SourceCodester Student Grading System version 1.0 Description: A weakness exists in SourceCodester Student Grading System 1.0. The issue affects an unknown part of the file /rms.php?page=users. Manipulation of the fname argument can lead to S...

8.8CVSS6.4AI score0.00309EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/09/14 12:0 a.m.3 views

SourceCodester Student Grading System SQL注入漏洞

SourceCodester Student Grading System is an open source student grading system from SourceCodester. A SQL injection vulnerability exists in SourceCodester Student Grading System version 1.0, which stems from an incorrect manipulation of the parameter fname in the file /rms.php, which could lead t...

8.8CVSS6.9AI score0.00309EPSS
Exploits1References6
CNVD
CNVD
added 2025/09/02 12:0 a.m.3 views

Online Event Judging System create_account.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /createaccount.php. The vulnerability can be...

9.8CVSS8.3AI score0.00384EPSS
Exploits1References1
OSV
OSV
added 2025/08/29 4:16 a.m.1 views

CVE-2025-9610

A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /createaccount.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicl...

9.8CVSS5.7AI score0.00384EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/29 12:0 a.m.4 views

Code-Projects Online Event Judging System 安全漏洞

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /createaccount.php. The vulnerability can be...

9.8CVSS8.2AI score0.00384EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/08/29 12:0 a.m.5 views

PT-2025-35182

Name of the Vulnerable Software and Affected Versions code-projects Online Event Judging System version 1.0 Description A vulnerability exists in the processing of the /create account.php file. Manipulation of the fname argument causes SQL injection, allowing for remote exploitation. The exploit...

9.8CVSS7.5AI score0.00384EPSS
Exploits1References13
RedhatCVE
RedhatCVE
added 2025/08/12 2:25 p.m.5 views

CVE-2025-8811

A vulnerability, which was classified as critical, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. The attack may be launched remotely...

9.8CVSS7.7AI score0.00514EPSS
Exploits1References1
NVD
NVD
added 2025/08/10 2:15 p.m.6 views

CVE-2025-8811

A vulnerability, which was classified as critical, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. The attack may be launched remotely...

9.8CVSS0.00514EPSS
Exploits1References5
CVE
CVE
added 2025/08/10 1:32 p.m.28 views

CVE-2025-8811

CVE-2025-8811 affects Simple Art Gallery 1.0 (Code-Projects). The vulnerability is a SQL injection in the /Admin/registration.php file, triggered by manipulating the fname argument. It is remotely exploitable and has been publicly disclosed. Multiple sources classify the issue as critical with hi...

9.8CVSS7.6AI score0.00514EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/08/10 12:0 a.m.3 views

Code-Projects Simple Art Gallery 注入漏洞

Code-Projects Simple Art Gallery is a Code-Projects open source simple art gallery software. An injection vulnerability exists in Code-Projects Simple Art Gallery version 1.0, which originates from a SQL injection due to a misuse of the parameter fname in the file /Admin/registration.php, which...

9.8CVSS7.8AI score0.00514EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/08/10 12:0 a.m.10 views

PT-2025-32485 · Unknown · Simple Art Gallery

Name of the Vulnerable Software and Affected Versions: Simple Art Gallery version 1.0 Description: A critical vulnerability exists in Simple Art Gallery 1.0 due to a SQL injection flaw. The issue is located in an unknown functionality within the /Admin/registration.php file. The fname argument ca...

9.8CVSS8.1AI score0.00514EPSS
Exploits1References10
OSV
OSV
added 2025/08/07 6:15 p.m.4 views

CVE-2023-41529

Hospital Management System v4 was discovered to contain multiple cross-site scripting XSS vulnerabilities in func2.php via the fname and lname parameters...

6.1CVSS5.7AI score0.00202EPSS
Exploits0References2
OSV
OSV
added 2025/07/25 8:15 p.m.4 views

CVE-2025-8167

A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/editmembers.php. The manipulation of the argument fname leads to cross site scripting. The attack can be launch...

5.4CVSS3.6AI score0.00311EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/07/25 12:0 a.m.12 views

Code-Projects Church Donation System 代码注入漏洞

Code-Projects Church Donation System is an open source church donation system by Code-Projects. A code injection vulnerability exists in Code-Projects Church Donation System version 1.0, which originates from cross-site scripting due to misbehavior of the parameter fname in the file...

5.4CVSS4.9AI score0.00311EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/07/25 12:0 a.m.11 views

PT-2025-30932 · Unknown · Church Donation System

Name of the Vulnerable Software and Affected Versions: Church Donation System version 1.0 Description: A vulnerability exists in Church Donation System version 1.0 related to cross site scripting. The issue is located in the /admin/edit members.php file. Manipulation of the fname argument can lea...

5.4CVSS3.5AI score0.00311EPSS
Exploits1References8
Hacker One
Hacker One
added 2025/07/24 10:49 a.m.6 views

U.S. Dept Of Defense: Cross-Site Scripting via 'fname' parameter in ███

A Cross-Site Scripting XSS vulnerability was discovered in the 'fname' parameter of the target application. The vulnerability allowed an attacker to inject malicious scripts that could be executed. Exploitation of this vulnerability could have led to consequences such as cookie theft and session...

5.9AI score
Exploits0
OSV
OSV
added 2025/07/21 4:15 p.m.9 views

CVE-2025-7929

A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /members/editMembers.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit...

9.8CVSS5.8AI score0.00498EPSS
Exploits1References5
Rows per page
Query Builder