CVE-2025-7928

A vulnerability was found in code-projects Church Donation System 1.0 and classified as critical. This issue affects some unknown processing of the file /members/edituser.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit has...

Code-Projects Church Donation System 注入漏洞

Code-Projects Church Donation System is an open source church donation system by Code-Projects. An injection vulnerability exists in Code-Projects Church Donation System version 1.0, which stems from an SQL injection attack due to the incorrect operation of the parameter firstname in the file...

Voting System voters_add.php file SQL Injection Vulnerability

Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of the parameter firstname/lastname in the file /admin/votersadd.php for externally entered SQL statements. An attacker can exploit this vulnerability to execu...

CVE-2025-7840

A vulnerability was found in Campcodes Online Movie Theater Seat Reservation System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=reserve of the component Reserve Your Seat Page. The manipulation of the argument Firstname/Lastname leads to...

CampCodes Online Movie Theater Seat Reservation System 代码注入漏洞

CampCodes Online Movie Theater Seat Reservation System is an online movie theater seat reservation system from CampCodes Philippines, Inc. A code injection vulnerability exists in version 1.0 of the Campcodes Online Movie Theater Seat Reservation System, which originates from cross-site scripting...

Vehicle Parking Management System profile.php File SQL Injection Vulnerability

Vehicle Parking Management System is a parking management system. Vehicle Parking Management System suffers from a SQL injection vulnerability that stems from an error in the parameter firstname in the file /users/profile.php that lacks validation of an externally entered SQL statement. An attack...

CVE-2025-7555

A vulnerability, which was classified as critical, has been found in code-projects Voting System 1.0. This issue affects some unknown processing of the file /admin/votersadd.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The...

Code-Projects Voting System 注入漏洞

Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of the parameter firstname/lastname in the file /admin/votersadd.php for externally entered SQL statements. An attacker can exploit this vulnerability to execu...

CVE-2025-7481

A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been classified as critical. This affects an unknown part of the file /users/profile.php. The manipulation of the argument firstname leads to sql injection. It is possible to initiate the attack remotely. The...

PHPGurukul Vehicle Parking Management System 注入漏洞

Vehicle Parking Management System is a parking management system. Vehicle Parking Management System suffers from a SQL injection vulnerability that stems from an error in the parameter firstname in the file /users/profile.php that lacks validation of an externally entered SQL statement. An attack...

Online Shoe Store edit_customer.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter firstname in the file /function/editcustomer.php. An attacker can exploit this...

Simple Online Hotel Reservation System add_reserve.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter firstname in the file...

Code-Projects Simple Online Hotel Reservation System 注入漏洞

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter firstname in the file...

CVE-2025-6307

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /function/editcustomer.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit...

Code-Projects Online Shoe Store 注入漏洞

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter firstname in the file /function/editcustomer.php. An attacker can exploit this...

CVE-2024-50836

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and lastname parameters...

CVE-2023-1379

A vulnerability was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file addmem.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to sql...

CVE-2022-29359

A stored cross-site scripting XSS vulnerability in /scas/?page=clubs/applicationform=7 of School Club Application System v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter...

CVE-2022-46622

A cross-site scripting XSS vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter...

U.S. Dept Of Defense: POST XSS - fields[account][firstname] parameter

A cross-site scripting XSS vulnerability was discovered in a parameter named "fieldsaccountfirstname" that was processed via the POST method. The vulnerability allowed the injection of malicious scripts that could be executed when the affected page was loaded. The impact of the vulnerability was...