Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/06/25 12:0 a.m.17 views

CVE-2026-37149

GROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN v1.0 was discovered to contain a SQL injection vulnerability in the scost parameter in /grocery/searchproducts.php. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement...

0.00215EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.11 views

school-management-system 安全漏洞

School-Management-System is a school management system developed by Shubham Kumar, an individual developer. Version 1.0 of School-Management-System has a security vulnerability. This vulnerability stems from improper handling of the sitemname POST parameter in the file...

9.8CVSS5.8AI score0.00269EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/24 12:48 a.m.6 views

CVE-2025-65354

Improper input handling in /Grocery/searchproductsitname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitemname POST parameter. Crafted payloads can alter query logic and disclose database contents. Exploitation may result in sensitive data disclosure and backend...

9.8CVSS7.8AI score0.00476EPSS
Exploits1References1
NVD
NVD
added 2025/12/23 8:15 p.m.3 views

CVE-2025-65354

Improper input handling in /Grocery/searchproductsitname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitemname POST parameter. Crafted payloads can alter query logic and disclose database contents. Exploitation may result in sensitive data disclosure and backend...

9.8CVSS0.00476EPSS
Exploits1References1
OSV
OSV
added 2025/12/23 8:15 p.m.4 views

CVE-2025-65354

Improper input handling in /Grocery/searchproductsitname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitemname POST parameter. Crafted payloads can alter query logic and disclose database contents. Exploitation may result in sensitive data disclosure and backend...

9.8CVSS5.9AI score0.00476EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/23 12:0 a.m.8 views

PT-2025-52847

Name of the Vulnerable Software and Affected Versions PuneethReddyHC event-management version 1.0 Description Improper input handling in the /Grocery/search products itname.php file allows for SQL injection via the sitem name POST parameter. Crafted payloads can alter query logic and disclose...

9.8CVSS7.4AI score0.00476EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2025/12/23 12:0 a.m.4 views

CVE-2025-65354

Improper input handling in /Grocery/searchproductsitname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitemname POST parameter. Crafted payloads can alter query logic and disclose database contents. Exploitation may result in sensitive data disclosure and backend...

9.8CVSS7.4AI score0.00476EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/23 12:0 a.m.29 views

CVE-2025-65354

Improper input handling in /Grocery/searchproductsitname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitemname POST parameter. Crafted payloads can alter query logic and disclose database contents. Exploitation may result in sensitive data disclosure and backend...

9.8CVSS0.00476EPSS
Exploits1References1
CVE
CVE
added 2025/12/23 12:0 a.m.18 views

CVE-2025-65354

CVE-2025-65354 affects PuneethReddyHC event-management version 1.0. The Red Hat and NVD entries, along with other feeds, describe improper input handling in /Grocery/search_products_itname.php that allows SQL injection via the sitem_name POST parameter. Crafted payloads can alter query logic and ...

9.8CVSS7.4AI score0.00476EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder