96 matches found
CVE-2025-56214
The CVE-2025-56214 entry concerns phpgurukul Hospital Management System 4.0, which is vulnerable to SQL Injection in index.php via the username parameter. The vulnerability stems from unsafely handling user input in a PHP/MySQL context, enabling potentially arbitrary SQL execution with a base CVS...
CVE-2025-52335
EyouCMS 1.7.3 is vulnerale to Cross Site Scripting XSS in index.php, which can be exploited to obtain sensitive information...
The vulnerability of the index.php script used by the sar2html system statistics visualization tool allows a perpetrator to execute arbitrary commands.
The vulnerability of the index.php script used by the sar2html system statistics visualization tool is related to insufficient validation of input data during the processing of the plot parameter. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...
Emergency Ambulance Hiring Portal index.php File SQL Injection Vulnerability
Emergency Ambulance Hiring Portal is an emergency ambulance hiring portal. Emergency Ambulance Hiring Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in /index.php. An attacker can exploit this vulnerability to execute...
CVE-2025-5560
A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2024-5635
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument txtsearch leads to sql injection. The attack can be launched remotely...
CVE-2025-1213
A vulnerability was found in pihome-shc PiHome 1.77. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument $SERVER'PHPSELF' leads to cross site scripting. The attack may be launched remotely. The exploit has...
The vulnerability of the index.php script in the YouDianCMS content management system allows attackers to escalate their privileges or cause service failures.
The vulnerability of the index.php script in the YouDianCMS content management system is related to the unlimited loading of dangerous data due to improper session management. Exploiting this vulnerability can allow a malicious actor to increase their privileges or cause service failures...
TeamCal Neo SQL注入漏洞
TeamCal Neo is a calendar-based web application by George Lewe Personal Developer. A SQL injection vulnerability exists in TeamCal Neo version 3.8.2. An attacker can use this vulnerability to inject malicious SQL statements via the "abs" parameter in "/teamcal/src/index.php" to retrieve, update,...
CVE-2024-13074
A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-54790
A SQL Injection vulnerability was found in /index.php in PHPGurukul Pre-School Enrollment System v1.0, which allows remote attackers to execute arbitrary code via the visittime parameter...
CVE-2024-54811
A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter...
Vehicle Record Management System /index.php File SQL Injection Vulnerability
Vehicle Record Management System is a vehicle record management system. Vehicle Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the searchinputdata parameter of the /index.php file. An attacker...
CVE-2024-51060
Projectworlds Online Admission System v1 is vulnerable to SQL Injection in index.php via the 'aid' parameter...
PT-2024-34508 · Unknown · Projectworlds Online Admission System
Name of the Vulnerable Software and Affected Versions: Projectworlds Online Admission System version v1 Description: The issue is related to SQL Injection in the index.php file via the a id parameter. This allows for potential exploitation. No information is provided about the estimated number of...
PT-2024-39425 · Unknown · Code-Projects Student Record System
Name of the Vulnerable Software and Affected Versions: code-projects Student Record System version 1.0 Description: A critical vulnerability was found in the code-projects Student Record System. The issue affects an unknown functionality of the file /index.php. The manipulation of the regno...
CVE-2024-8582
A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument description leads to cross site scripting. The attack may be launched...
Code-Projects Hospital Management System SQL注入漏洞
Code-Projects Hospital Management System is a Code-Projects open source hospital management system. Code-Projects Hospital Management System version 1.0 suffers from a SQL injection vulnerability, which originates from a SQL injection vulnerability contained in the index.php page...
CVE-2024-7496
A vulnerability has been found in itsourcecode Airline Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack can be initiated remotely. The exploit has been...
CVE-2024-6308
A vulnerability was found in itsourcecode Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploi...