Lucene search
+L

96 matches found

CVE
CVE
added 2025/08/25 12:0 a.m.17 views

CVE-2025-56214

The CVE-2025-56214 entry concerns phpgurukul Hospital Management System 4.0, which is vulnerable to SQL Injection in index.php via the username parameter. The vulnerability stems from unsafely handling user input in a PHP/MySQL context, enabling potentially arbitrary SQL execution with a base CVS...

9.8CVSS8.3AI score0.0033EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/14 12:0 a.m.5 views

CVE-2025-52335

EyouCMS 1.7.3 is vulnerale to Cross Site Scripting XSS in index.php, which can be exploited to obtain sensitive information...

5.8AI score0.00194EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/01 12:0 a.m.8 views

The vulnerability of the index.php script used by the sar2html system statistics visualization tool allows a perpetrator to execute arbitrary commands.

The vulnerability of the index.php script used by the sar2html system statistics visualization tool is related to insufficient validation of input data during the processing of the plot parameter. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...

10CVSS5.8AI score0.60635EPSS
Exploits1References5Affected Software1
CNVD
CNVD
added 2025/06/27 12:0 a.m.4 views

Emergency Ambulance Hiring Portal index.php File SQL Injection Vulnerability

Emergency Ambulance Hiring Portal is an emergency ambulance hiring portal. Emergency Ambulance Hiring Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in /index.php. An attacker can exploit this vulnerability to execute...

9.8CVSS8.3AI score0.00394EPSS
Exploits1References1
OSV
OSV
added 2025/06/04 4:16 a.m.9 views

CVE-2025-5560

A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

9.8CVSS5.8AI score0.00399EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 9:16 a.m.4 views

CVE-2024-5635

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument txtsearch leads to sql injection. The attack can be launched remotely...

9.8CVSS7.9AI score0.00664EPSS
Exploits1References1
OSV
OSV
added 2025/02/12 6:15 p.m.5 views

CVE-2025-1213

A vulnerability was found in pihome-shc PiHome 1.77. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument $SERVER'PHPSELF' leads to cross site scripting. The attack may be launched remotely. The exploit has...

5.4CVSS3.6AI score0.00498EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2025/02/10 12:0 a.m.8 views

The vulnerability of the index.php script in the YouDianCMS content management system allows attackers to escalate their privileges or cause service failures.

The vulnerability of the index.php script in the YouDianCMS content management system is related to the unlimited loading of dangerous data due to improper session management. Exploiting this vulnerability can allow a malicious actor to increase their privileges or cause service failures...

10CVSS5.5AI score0.00488EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/01/31 12:0 a.m.6 views

TeamCal Neo SQL注入漏洞

TeamCal Neo is a calendar-based web application by George Lewe Personal Developer. A SQL injection vulnerability exists in TeamCal Neo version 3.8.2. An attacker can use this vulnerability to inject malicious SQL statements via the "abs" parameter in "/teamcal/src/index.php" to retrieve, update,...

9.8CVSS7.9AI score0.00815EPSS
Exploits0References1
OSV
OSV
added 2024/12/31 5:15 p.m.5 views

CVE-2024-13074

A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.4CVSS3.9AI score0.00291EPSS
Exploits0References5
OSV
OSV
added 2024/12/19 3:15 p.m.2 views

CVE-2024-54790

A SQL Injection vulnerability was found in /index.php in PHPGurukul Pre-School Enrollment System v1.0, which allows remote attackers to execute arbitrary code via the visittime parameter...

7.5CVSS6.1AI score0.00642EPSS
Exploits1References1
OSV
OSV
added 2024/12/12 7:15 p.m.3 views

CVE-2024-54811

A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter...

9.8CVSS6.1AI score0.00613EPSS
Exploits1References1
CNVD
CNVD
added 2024/11/01 12:0 a.m.4 views

Vehicle Record Management System /index.php File SQL Injection Vulnerability

Vehicle Record Management System is a vehicle record management system. Vehicle Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the searchinputdata parameter of the /index.php file. An attacker...

6.3CVSS8.2AI score0.00312EPSS
Exploits1References1
OSV
OSV
added 2024/10/31 7:15 p.m.6 views

CVE-2024-51060

Projectworlds Online Admission System v1 is vulnerable to SQL Injection in index.php via the 'aid' parameter...

9.1CVSS5.8AI score0.00449EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.6 views

PT-2024-34508 · Unknown · Projectworlds Online Admission System

Name of the Vulnerable Software and Affected Versions: Projectworlds Online Admission System version v1 Description: The issue is related to SQL Injection in the index.php file via the a id parameter. This allows for potential exploitation. No information is provided about the estimated number of...

9.1CVSS8.1AI score0.00449EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/09/22 12:0 a.m.10 views

PT-2024-39425 · Unknown · Code-Projects Student Record System

Name of the Vulnerable Software and Affected Versions: code-projects Student Record System version 1.0 Description: A critical vulnerability was found in the code-projects Student Record System. The issue affects an unknown functionality of the file /index.php. The manipulation of the regno...

9.8CVSS8.1AI score0.00659EPSS
Exploits1References13
OSV
OSV
added 2024/09/08 10:15 p.m.5 views

CVE-2024-8582

A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument description leads to cross site scripting. The attack may be launched...

6.1CVSS3.8AI score0.00438EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/09/01 12:0 a.m.18 views

Code-Projects Hospital Management System SQL注入漏洞

Code-Projects Hospital Management System is a Code-Projects open source hospital management system. Code-Projects Hospital Management System version 1.0 suffers from a SQL injection vulnerability, which originates from a SQL injection vulnerability contained in the index.php page...

9.8CVSS7.9AI score0.00755EPSS
Exploits1References7
OSV
OSV
added 2024/08/06 2:15 a.m.4 views

CVE-2024-7496

A vulnerability has been found in itsourcecode Airline Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack can be initiated remotely. The exploit has been...

8.8CVSS5.5AI score0.0065EPSS
Exploits1References4
OSV
OSV
added 2024/06/25 5:15 p.m.5 views

CVE-2024-6308

A vulnerability was found in itsourcecode Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploi...

9.8CVSS6.8AI score0.00682EPSS
Exploits1References4
Rows per page
Query Builder