846 matches found
PT-2026-6715
Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A security flaw exists in itsourcecode Student Management System 1.0. The issue involves a SQL injection affecting an unknown function within the file /ramonsys/billing/index.php...
PT-2026-5424
Name of the Vulnerable Software and Affected Versions itsourcecode Directory Management System version 1.0 Description A security issue exists in itsourcecode Directory Management System. The issue involves SQL injection, triggered by manipulating the Username argument. This can be initiated...
CVE-2026-1589 itsourcecode School Management System index.php sql injection
A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/inquiry/index.php. This manipulation of the argument txtsearch causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed an...
EUVD-2026-4853
A weakness has been identified in itsourcecode School Management System 1.0. The affected element is an unknown function of the file /course/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made availab...
PT-2026-5281
berliCRM 1.0.24 contains a SQL injection vulnerability in the 'src record' parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through a crafted POST request to the index.php endpoint to potentially extract or modify database information...
VulnCheck KEV: CVE-2022-30777
Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...
CVE-2026-1545
A weakness has been identified in itsourcecode School Management System 1.0. The affected element is an unknown function of the file /course/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made availab...
CVE-2026-1545
A weakness has been identified in itsourcecode School Management System 1.0. The affected element is an unknown function of the file /course/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made availab...
CVE-2026-1422
A vulnerability was found in code-projects Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Page. Performing a manipulation of the argument User results in sql injection. The attack is possible to be carried ou...
EUVD-2026-4702
A vulnerability was found in code-projects Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Page. Performing a manipulation of the argument User results in sql injection. The attack is possible to be carried ou...
CVE-2026-1422 code-projects Online Examination System Login Page index.php sql injection
A vulnerability was found in code-projects Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Page. Performing a manipulation of the argument User results in sql injection. The attack is possible to be carried ou...
Code-Projects Online Examination System SQL Injection Vulnerability
Code-Projects Online Examination System is an open-source online examination system developed by Code-Projects. Version 1.0 of the Code-Projects Online Examination System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the User parameter in the...
PT-2026-4727
Name of the Vulnerable Software and Affected Versions code-projects Online Examination System version 1.0 Description A flaw exists in the Online Examination System that allows for remote SQL injection. This occurs through manipulation of the User argument within the /index.php file, specifically...
CVE-2021-47871 Hestia Control Panel 1.3.2 - Arbitrary File Write
Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the...
EUVD-2026-3620
Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the...
Hestia Control Panel security vulnerabilities
Hestia Control Panel is an open-source host control panel developed by Hestia. Version 1.3.2 of Hestia Control Panel contains a security vulnerability. This vulnerability stems from arbitrary file writing in the API index.php endpoint, which could allow authenticated attackers to write files...
CVE-2026-1160
A security vulnerability has been detected in PHPGurukul Directory Management System 1.0. Impacted is an unknown function of the file /index.php of the component Search. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2026-1176
A security flaw has been discovered in itsourcecode School Management System 1.0. Affected is an unknown function of the file /subject/index.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to...
CVE-2026-1176
A security flaw has been discovered in itsourcecode School Management System 1.0. Affected is an unknown function of the file /subject/index.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to...
EUVD-2026-3195
A security flaw has been discovered in itsourcecode School Management System 1.0. Affected is an unknown function of the file /subject/index.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to...