Lucene search
+L

321 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:36 a.m.8 views

CVE-2021-41962

Cross Site Scripting XSS vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Owner fullname parameter in a Send Service Request in vehicleservice...

4.8CVSS6AI score0.006EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.15 views

CVE-2022-31384

Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php...

9.8CVSS8.3AI score0.01644EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.21 views

CVE-2025-40696

Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'fullname', 'location' and 'message' parameters via POST at the endpoint '/ofrs/reporting.php'. This vulnerability could...

5.4CVSS5.5AI score0.00193EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/20 12:0 a.m.4 views

Online Shopping Portal login.php File SQL Injection Vulnerability

Online Shopping Portal is an online store system. A SQL injection vulnerability exists in Online Shopping Portal due to a lack of validation of externally-entered SQL statements for the fullname, emailid, and contactno parameters in login.php. An attacker can exploit this vulnerability to execute...

6.5CVSS8.3AI score0.00235EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/18 12:11 a.m.16 views

CVE-2024-44660

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php...

6.5CVSS8AI score0.00235EPSS
Exploits1References1
NVD
NVD
added 2025/11/17 7:16 p.m.6 views

CVE-2024-44660

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php...

6.5CVSS0.00235EPSS
Exploits1References2
CVE
CVE
added 2025/11/17 12:0 a.m.17 views

CVE-2024-44660

The CVE-2024-44660 entry concerns PHPGurukul Online Shopping Portal 2.0 with a SQL Injection in login.php, exploitable via the fullname, emailid, and contactno parameters. Root cause: lack of input validation/parameterized queries allows arbitrary SQL to be executed against the backend database. ...

6.5CVSS7.6AI score0.00235EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/17 12:0 a.m.5 views

CVE-2024-44660

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php...

7.6AI score0.00235EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/11/17 12:0 a.m.11 views

CVE-2024-44660

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php...

0.00235EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/11/17 12:0 a.m.6 views

PHPGurukul Online Shopping Portal 安全漏洞

Online Shopping Portal is an online store system. A SQL injection vulnerability exists in Online Shopping Portal due to a lack of validation of externally-entered SQL statements for the fullname, emailid, and contactno parameters in login.php. An attacker can exploit this vulnerability to execute...

6.5CVSS8.2AI score0.00235EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.8 views

PT-2025-47197

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Shopping Portal version 2.0 Description The PHPGurukul Online Shopping Portal version 2.0 is susceptible to SQL Injection. This issue affects the login.php file and specifically involves the fullname, emailid, and contactno...

6.5CVSS7.6AI score0.00235EPSS
Exploits1References6
NVD
NVD
added 2025/11/10 4:15 a.m.17 views

CVE-2025-12929

A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function saveuser/updateuser of the file /LoginRegistration.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been publish...

9.8CVSS0.00431EPSS
Exploits1References5
OSV
OSV
added 2025/11/10 4:15 a.m.3 views

CVE-2025-12929

A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function saveuser/updateuser of the file /LoginRegistration.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been publish...

9.8CVSS5.8AI score
Exploits0References5
Cvelist
Cvelist
added 2025/11/10 3:32 a.m.17 views

CVE-2025-12929 SourceCodester Survey Application System LoginRegistration.php update_user sql injection

A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function saveuser/updateuser of the file /LoginRegistration.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been publish...

7.5CVSS0.00431EPSS
Exploits1References5
EUVD
EUVD
added 2025/11/10 3:32 a.m.8 views

EUVD-2025-41749

A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function saveuser/updateuser of the file /LoginRegistration.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been publish...

7.5CVSS6.4AI score0.00431EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/11/10 3:32 a.m.4 views

CVE-2025-12929 SourceCodester Survey Application System LoginRegistration.php update_user sql injection

A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function saveuser/updateuser of the file /LoginRegistration.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been publish...

7.5CVSS7.1AI score0.00431EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/11/10 12:0 a.m.10 views

SourceCodester Survey Application System 安全漏洞

SourceCodester Survey Application System is an open source survey application system from SourceCodester. A security vulnerability exists in SourceCodester Survey Application System version 1.0, which stems from an incorrect manipulation of the parameter fullname in the file /LoginRegistration.ph...

9.8CVSS7.8AI score0.00431EPSS
Exploits1References5
CNVD
CNVD
added 2025/10/31 12:0 a.m.6 views

Online Event Judging System add_judge.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fullname in the file /addjudge.php. The vulnerability can be...

8.8CVSS7.1AI score0.00299EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/28 7:53 p.m.9 views

CVE-2025-12312

A flaw has been found in PHPGurukul Curfew e-Pass Management System 1.0. Impacted is an unknown function of the file view-pass-detail.php. This manipulation of the argument Fullname/Category causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may ...

4.8CVSS5.4AI score0.00237EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/28 9:51 a.m.8 views

CVE-2025-12255

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown part of the file /addcontestant.php. Performing manipulation of the argument fullname results in sql injection. Remote exploitation of the attack is possible. The exploit has been release...

8.8CVSS6.4AI score0.00299EPSS
Exploits1References1
Rows per page
Query Builder