371 matches found
CVE-2025-10075
SourceCodester Online Polling System 1.0 contains a cross-site scripting (XSS) flaw in /manage-profile.php triggered by manipulating the firstname parameter. The vulnerability can be exploited remotely and exploits have been released publicly. Multiple sources (NVD, Red Hat, CNNVD, PT-Security, a...
CVE-2025-10075 SourceCodester Online Polling System manage-profile.php cross site scripting
A security flaw has been discovered in SourceCodester Online Polling System 1.0. The impacted element is an unknown function of the file /manage-profile.php. The manipulation of the argument firstname results in cross site scripting. The attack can be launched remotely. The exploit has been...
CVE-2025-10075 SourceCodester Online Polling System manage-profile.php cross site scripting
A security flaw has been discovered in SourceCodester Online Polling System 1.0. The impacted element is an unknown function of the file /manage-profile.php. The manipulation of the argument firstname results in cross site scripting. The attack can be launched remotely. The exploit has been...
CVE-2025-9794
A flaw has been found in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/postransac.php?action=add. Executing manipulation of the argument cash/firstname can lead to sql injection. The attack may be performed from remote. The explo...
CVE-2025-9786
A vulnerability was found in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /teachersignup.php. Performing manipulation of the argument firstname results in sql injection. The attack can be initiated remotely. The exploit has been made public and coul...
CVE-2025-9794
A flaw has been found in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/postransac.php?action=add. Executing manipulation of the argument cash/firstname can lead to sql injection. The attack may be performed from remote. The explo...
CVE-2025-9794 Campcodes Computer Sales and Inventory System pos_transac.php sql injection
A flaw has been found in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/postransac.php?action=add. Executing manipulation of the argument cash/firstname can lead to sql injection. The attack may be performed from remote. The explo...
CVE-2025-9794
CVE-2025-9794 affects Campcodes Computer Sales and Inventory System 1.0. A SQL injection vulnerability exists in the /pages/pos_transac.php?action=add endpoint, exploitable by manipulating the cash/firstname parameter. Attacks may be performed remotely, and multiple parameters could be affected. ...
CVE-2025-9794 Campcodes Computer Sales and Inventory System pos_transac.php sql injection
A flaw has been found in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/postransac.php?action=add. Executing manipulation of the argument cash/firstname can lead to sql injection. The attack may be performed from remote. The explo...
CVE-2025-9786
A vulnerability was found in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /teachersignup.php. Performing manipulation of the argument firstname results in sql injection. The attack can be initiated remotely. The exploit has been made public and coul...
CVE-2025-9786 Campcodes Online Learning Management System teacher_signup.php sql injection
A vulnerability was found in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /teachersignup.php. Performing manipulation of the argument firstname results in sql injection. The attack can be initiated remotely. The exploit has been made public and coul...
PT-2025-35496
Name of the Vulnerable Software and Affected Versions: Campcodes Online Learning Management System version 1.0 Description: A SQL injection issue exists in Campcodes Online Learning Management System version 1.0. The issue is located in the /teacher signup.php file, within an unknown function...
PT-2025-35510
Name of the Vulnerable Software and Affected Versions: Campcodes Computer Sales and Inventory System version 1.0 Description: A flaw exists in Campcodes Computer Sales and Inventory System that may allow for SQL injection. The issue is located in an unknown function within the /pages/pos...
CampCodes Computer Sales and Inventory System 安全漏洞
CampCodes Computer Sales and Inventory System is a computerized sales and inventory system from CampCodes Philippines. A security vulnerability exists in CampCodes Computer Sales and Inventory System version 1.0, which stems from a SQL injection due to incorrect manipulation of the parameter...
CVE-2025-51989
HTML injection vulnerability in the registration interface in Evolution Consulting Kft. HRmaster module v235 allows an attacker to inject HTML tags into the "keresztnév" firstname field, which will be sent out in an email resulting in possible Phishing scenarios against any, previously not...
CVE-2025-51989
HTML injection vulnerability in the registration interface in Evolution Consulting Kft. HRmaster module v235 allows an attacker to inject HTML tags into the "keresztnév" firstname field, which will be sent out in an email resulting in possible Phishing scenarios against any, previously not...
CVE-2025-51989
HTML injection vulnerability in the registration interface in Evolution Consulting Kft. HRmaster module v235 allows an attacker to inject HTML tags into the "keresztnév" firstname field, which will be sent out in an email resulting in possible Phishing scenarios against any, previously not...
CVE-2025-51989
CVE-2025-51989 : HTML injection vulnerability in Evolution Consulting Kft. HRmaster module v235’s registration interface allows injecting HTML tags into the keresztnév (firstname) field, which can be included in emails and potentially enable phishing against unregistered addresses. Affected compo...
CVE-2023-41522
Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createStudents.php via the Id, firstname, and admissionNumber parameters...
Code-Projects Online Ordering System 注入漏洞
Code-Projects Online Ordering System is a Code-Projects open source online ordering system. An injection vulnerability exists in code-projects Online Ordering System version 1.0, which originates from a SQL injection due to the incorrect operation of the parameter firstname in the file /signup.ph...