153 matches found
CVE-2025-10409
A weakness has been identified in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /rms.php?page=users. Executing manipulation of the argument fname can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public...
CVE-2025-10409 SourceCodester Student Grading System rms.php sql injection
A weakness has been identified in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /rms.php?page=users. Executing manipulation of the argument fname can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public...
CVE-2025-10409
CVE-2025-10409 concerns a SQL injection vulnerability in SourceCodester Student Grading System 1.0, arising from manipulation of the fname parameter in /rms.php?page=users. The flaw allows remote attackers to execute arbitrary SQL; exploitation is public and the attack surface includes the affect...
PT-2025-37429
Name of the Vulnerable Software and Affected Versions: SourceCodester Student Grading System version 1.0 Description: A weakness exists in SourceCodester Student Grading System 1.0. The issue affects an unknown part of the file /rms.php?page=users. Manipulation of the fname argument can lead to S...
SourceCodester Student Grading System SQL注入漏洞
SourceCodester Student Grading System is an open source student grading system from SourceCodester. A SQL injection vulnerability exists in SourceCodester Student Grading System version 1.0, which stems from an incorrect manipulation of the parameter fname in the file /rms.php, which could lead t...
Online Event Judging System create_account.php File SQL Injection Vulnerability
Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /createaccount.php. The vulnerability can be...
CVE-2025-9610
A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /createaccount.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicl...
Code-Projects Online Event Judging System 安全漏洞
Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /createaccount.php. The vulnerability can be...
PT-2025-35182
Name of the Vulnerable Software and Affected Versions code-projects Online Event Judging System version 1.0 Description A vulnerability exists in the processing of the /create account.php file. Manipulation of the fname argument causes SQL injection, allowing for remote exploitation. The exploit...
CVE-2025-8811
A vulnerability, which was classified as critical, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. The attack may be launched remotely...
CVE-2025-8811
A vulnerability, which was classified as critical, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. The attack may be launched remotely...
CVE-2025-8811
CVE-2025-8811 affects Simple Art Gallery 1.0 (Code-Projects). The vulnerability is a SQL injection in the /Admin/registration.php file, triggered by manipulating the fname argument. It is remotely exploitable and has been publicly disclosed. Multiple sources classify the issue as critical with hi...
Code-Projects Simple Art Gallery 注入漏洞
Code-Projects Simple Art Gallery is a Code-Projects open source simple art gallery software. An injection vulnerability exists in Code-Projects Simple Art Gallery version 1.0, which originates from a SQL injection due to a misuse of the parameter fname in the file /Admin/registration.php, which...
PT-2025-32485 · Unknown · Simple Art Gallery
Name of the Vulnerable Software and Affected Versions: Simple Art Gallery version 1.0 Description: A critical vulnerability exists in Simple Art Gallery 1.0 due to a SQL injection flaw. The issue is located in an unknown functionality within the /Admin/registration.php file. The fname argument ca...
CVE-2023-41529
Hospital Management System v4 was discovered to contain multiple cross-site scripting XSS vulnerabilities in func2.php via the fname and lname parameters...
CVE-2025-8167
A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/editmembers.php. The manipulation of the argument fname leads to cross site scripting. The attack can be launch...
Code-Projects Church Donation System 代码注入漏洞
Code-Projects Church Donation System is an open source church donation system by Code-Projects. A code injection vulnerability exists in Code-Projects Church Donation System version 1.0, which originates from cross-site scripting due to misbehavior of the parameter fname in the file...
PT-2025-30932 · Unknown · Church Donation System
Name of the Vulnerable Software and Affected Versions: Church Donation System version 1.0 Description: A vulnerability exists in Church Donation System version 1.0 related to cross site scripting. The issue is located in the /admin/edit members.php file. Manipulation of the fname argument can lea...
U.S. Dept Of Defense: Cross-Site Scripting via 'fname' parameter in ███
A Cross-Site Scripting XSS vulnerability was discovered in the 'fname' parameter of the target application. The vulnerability allowed an attacker to inject malicious scripts that could be executed. Exploitation of this vulnerability could have led to consequences such as cookie theft and session...
CVE-2025-7929
A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /members/editMembers.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit...