2147 matches found
CVE-2025-15073
CVE-2025-15073 affects itsourcecode Online Frozen Foods Ordering System 1.0. A SQL injection vulnerability exists in the contact_us.php handling of the Name parameter, with remote exploitation reported and public disclosure of the exploit. Several connected sources consistently cite the issue in ...
itsourcecode Online Frozen Foods Ordering System SQL注入漏洞
itsourcecode Online Frozen Foods Ordering System is itsourcecode open source online frozen food ordering system . A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Frozen Foods Ordering System, which stems from an incorrect manipulation of the parameter Name in the file...
PT-2025-53382
Name of the Vulnerable Software and Affected Versions itsourcecode Online Frozen Foods Ordering System version 1.0 Description A SQL injection issue exists in itsourcecode Online Frozen Foods Ordering System version 1.0. The issue is located in the /contact us.php file. Manipulation of the Name...
CVE-2025-15034 itsourcecode Student Management System record.php sql injection
A security flaw has been discovered in itsourcecode Student Management System 1.0. This affects an unknown part of the file /record.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be...
CVE-2025-15034 itsourcecode Student Management System record.php sql injection
A security flaw has been discovered in itsourcecode Student Management System 1.0. This affects an unknown part of the file /record.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be...
CVE-2025-15034
CVE-2025-15034 affects itsourcecode Student Management System 1.0. The vulnerability exists in /record.php where manipulating the ID parameter triggers a SQL injection. It is exploitable remotely and, per multiple sources, the exploit has been released publicly. No specific remediation is stated ...
itsourcecode Student Management System SQL注入漏洞
itsourcecode Student Management System is an open source student management system from itsourcecode. A SQL injection vulnerability exists in version 1.0 of itsourcecode Student Management System, which stems from incorrect manipulation of the parameter ID in the file /record.php, which could lea...
CVE-2025-14967
A vulnerability was identified in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /candidatesreport.php. The manipulation of the argument schoolyear leads to sql injection. The attack can be initiated remotely. The exploit is...
CVE-2025-14967 itsourcecode Student Management System candidates_report.php sql injection
A vulnerability was identified in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /candidatesreport.php. The manipulation of the argument schoolyear leads to sql injection. The attack can be initiated remotely. The exploit is...
CVE-2025-14967
CVE-2025-14967 affects itsourcecode Student Management System 1.0. The vulnerability lies in the file /candidates_report.php where manipulation of the school_year parameter leads to SQL injection. Attacks can be initiated remotely, and an exploit is publicly available. Red Hat and other sources c...
CVE-2025-14967 itsourcecode Student Management System candidates_report.php sql injection
A vulnerability was identified in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /candidatesreport.php. The manipulation of the argument schoolyear leads to sql injection. The attack can be initiated remotely. The exploit is...
itsourcecode Student Management System SQL注入漏洞
itsourcecode Student Management System is an itsourcecode open source student management system. SQL injection vulnerability exists in itsourcecode Student Management System version 1.0, which originates from an unknown function in the file /candidatesreport.php that improperly handles the...
CVE-2025-14832
A vulnerability was identified in itsourcecode Online Cake Ordering System 1.0. The affected element is an unknown function of the file /updateproduct.php?action=edit. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicl...
EUVD-2025-204018
A vulnerability was identified in itsourcecode Online Cake Ordering System 1.0. The affected element is an unknown function of the file /updateproduct.php?action=edit. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicl...
CVE-2025-14832 itsourcecode Online Cake Ordering System updateproduct.php sql injection
A vulnerability was identified in itsourcecode Online Cake Ordering System 1.0. The affected element is an unknown function of the file /updateproduct.php?action=edit. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicl...
CVE-2025-14832 itsourcecode Online Cake Ordering System updateproduct.php sql injection
A vulnerability was identified in itsourcecode Online Cake Ordering System 1.0. The affected element is an unknown function of the file /updateproduct.php?action=edit. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicl...
CVE-2025-14832
The affected software is itsourcecode Online Cake Ordering System v1.0. The vulnerability lies in the file /updateproduct.php?action=edit where manipulation of the ID parameter enables SQL injection, enabling remote exploitation. Multiple connected sources corroborate a publicly available exploit...
EUVD-2025-203900
A SQL injection vulnerability was found in the '/cts/admin/?page=zone' file of ITSourcecode COVID Tracking System Using QR-Code v1.0. The reason for this issue is that attackers inject malicious code from the parameter 'id' and use it directly in SQL queries without the need for appropriate...
CVE-2025-67285
A SQL injection vulnerability was found in the '/cts/admin/?page=zone' file of ITSourcecode COVID Tracking System Using QR-Code v1.0. The reason for this issue is that attackers inject malicious code from the parameter 'id' and use it directly in SQL queries without the need for appropriate...
CVE-2025-67285
CVE-2025-67285 affects ITSourcecode COVID Tracking System Using QR-Code v1.0. The vulnerability is a SQL injection in the file /cts/admin/?page=zone where the parameter id is injected directly into SQL queries without proper sanitization/validation. This is consistently described across multiple ...