QDOCS Smart School 跨站脚本漏洞

QDOCS Smart School is a smart school management system from QDOCS, Inc. A cross-site scripting vulnerability exists in QDOCS Smart School version 7.0, which stems from insufficient input validation of the parameters firstname, lastname, and guardianname in the file/onlineadmission, and could lead...

CVE-2025-12598

A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function savetenant of the file /adminclass.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-12598 SourceCodester Best House Rental Management System admin_class.php save_tenant sql injection

A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function savetenant of the file /adminclass.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-12598

CVE-2025-12598 affects SourceCodester Best House Rental Management System 1.0. The flaw is in the admin_class.php save_tenant function where manipulating the firstname parameter can cause SQL injection. Attacks can be executed remotely and the exploit has been published; multiple parameters may b...

SourceCodester Best House Rental Management System SQL注入漏洞

SourceCodester Best House Rental Management System is a SourceCodester open source house rental management system. SourceCodester Best House Rental Management System version 1.0 exists SQL injection vulnerability, the vulnerability stems from the file /adminclass.php function savetenant on the...

PT-2025-44736

Name of the Vulnerable Software and Affected Versions SourceCodester Best House Rental Management System version 1.0 Description A flaw exists in the software that allows for SQL injection. The issue is located in the save tenant function within the /admin class.php file. Manipulation of the...

Automated Voting System add_candidate_modal.php File SQL Injection Vulnerability

Automated Voting System is an automated voting system. Automated Voting System suffers from a SQL injection vulnerability that stems from the lack of validation of the parameter firstname in file /admin/addcandidatemodal.php for externally entered SQL statements. An attacker can exploit this...

CVE-2025-11667

A vulnerability was found in code-projects Automated Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addcandidatemodal.php.. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-11667 code-projects Automated Voting System add_candidate_modal.php. sql injection

A vulnerability was found in code-projects Automated Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addcandidatemodal.php.. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has...

code-projects Automated Voting System SQL注入漏洞

Automated Voting System is an automated voting system. Automated Voting System suffers from a SQL injection vulnerability that stems from the lack of validation of the parameter firstname in file /admin/addcandidatemodal.php for externally entered SQL statements. An attacker can exploit this...

PT-2025-41769

Name of the Vulnerable Software and Affected Versions code-projects Automated Voting System version 1.0 Description A flaw exists in code-projects Automated Voting System that allows for remote execution of SQL injection attacks. The issue is located in the file /admin/add candidate modal.php...

CVE-2025-11425

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /editadmin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly...

CVE-2025-11421

A flaw has been found in code-projects Voting System 1.0. The affected element is an unknown function of the file /admin/candidatesedit.php. This manipulation of the argument Firstname/Lastname/Platform causes cross site scripting. Remote exploitation of the attack is possible. The exploit has be...

CVE-2025-11512

A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/votersadd.php. The manipulation of the argument Firstname/Lastname/Platform results in cross site scripting. The attack can be executed remotely. The exploit has...

CVE-2025-11512 code-projects Voting System voters_add.php cross site scripting

A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/votersadd.php. The manipulation of the argument Firstname/Lastname/Platform results in cross site scripting. The attack can be executed remotely. The exploit has...

CVE-2025-11410

A flaw has been found in Campcodes Advanced Online Voting Management System 1.0. This affects an unknown function of the file /admin/votersadd.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be executed remotely. The exploit has been published and m...

CVE-2025-11425

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /editadmin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly...

CVE-2025-11425

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /editadmin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly...

CVE-2025-11425 projectworlds Advanced Library Management System edit_admin.php cross site scripting

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /editadmin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly...

CVE-2025-11425 projectworlds Advanced Library Management System edit_admin.php cross site scripting

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /editadmin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly...