233 matches found
CVE-2025-56074
A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
PT-2025-38719
Name of the Vulnerable Software and Affected Versions PHPGurukul Park Ticketing Management System version 2.0 Description A SQL Injection issue exists in the foreigner-bwdates-reports-details.php file. This allows remote attackers to execute arbitrary SQL code through the fromdate parameter in a...
CVE-2025-56075
The CVE-2025-56075 entry concerns a SQL Injection in PHPGurukul Park Ticketing Management System v2.0, specifically in the normal-bwdates-reports-details.php file. The vulnerability arises from unsafely handling the fromdate parameter in a POST request, enabling an attacker to inject arbitrary SQ...
CVE-2025-56075
A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
CVE-2025-56074
A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
PHPGurukul Park Ticketing Management System 安全漏洞
Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter fromdate in the file normal-bwdates-reports-details.php. A...
CVE-2025-56075
A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
CVE-2025-56074
A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
Campcodes Online Beauty Parlor Management System SQL注入漏洞
CampCodes Online Beauty Parlor Management System is an online beauty parlor management system from CampCodes Philippines, Inc. Campcodes Online Beauty Parlor Management System version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter...
PT-2025-38746
Name of the Vulnerable Software and Affected Versions Campcodes Online Beauty Parlor Management System version 1.0 Description A security issue exists in Campcodes Online Beauty Parlor Management System 1.0. The issue involves potential SQL injection due to manipulation of the fromdate/todate...
PT-2025-38720
Name of the Vulnerable Software and Affected Versions PHPGurukul Park Ticketing Management System version 2.0 Description A SQL Injection issue exists in the normal-bwdates-reports-details.php file. This allows remote attackers to execute arbitrary SQL code by manipulating the fromdate parameter...
PHPGurukul Park Ticketing Management System 安全漏洞
Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that stems from a lack of validation of the fromdate parameter in the file foreigner-bwdates-reports-details.php against an externally entered SQL...
CVE-2025-56074
The CVE-2025-56074 entry concerns PHPGurukul Park Ticketing Management System v2.0. The vulnerability is a SQL Injection in the file foreigner-bwdates-reports-details.php, exploitable via the fromdate parameter in a POST request. The underlying issue is lack of input validation that allows an att...
CVE-2025-40694
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'fromdate' and 'todate' parameters via POST at the endpoint '/ofrs/admin/bwdates-report-result.php'. This vulnerability...
CVE-2025-40694 Cross Site Scripting in PHPGurukul Online Fire Reporting System
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'fromdate' and 'todate' parameters via POST at the endpoint '/ofrs/admin/bwdates-report-result.php'. This vulnerability...
Online Fire Reporting System 跨站脚本漏洞
Online Fire Reporting System is an online fire reporting system developed by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in Online Fire Reporting System version 1.2, which stems from insufficient validation of the input of the parameters fromdate and todate...
PT-2025-37178
Name of the Vulnerable Software and Affected Versions: Online Fire Reporting System version 1.2 Description: The Online Fire Reporting System contains a stored cross-site scripting XSS issue. This is due to insufficient validation of user-supplied fromdate and todate parameters via a POST request...
CVE-2025-9919
A vulnerability was identified in 1000projects Beauty Parlour Management System 1.0. This affects an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploi...
CVE-2025-9919
A vulnerability was identified in 1000projects Beauty Parlour Management System 1.0. This affects an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploi...
CVE-2025-9919
CVE-2025-9919 affects 1000projects Beauty Parlour Management System 1.0. The vulnerability is in the /admin/bwdates-reports-details.php script, where manipulating the fromdate/todate parameters leads to SQL injection. Exploitation can be performed remotely and public exploit code exists. Multiple...