CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/12/14 9:30 a.m.•2 views

EUVD-2025-203292

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This issue affects some unknown processing of the file /admindetail.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and...

7.5CVSS6.6AI score0.00028EPSS

Exploits1References7

Vulnrichment•added 2025/12/14 9:2 a.m.•1 views

CVE-2025-14652 itsourcecode Online Cake Ordering System admindetail.php sql injection

CVE•added 2025/12/14 9:2 a.m.•7 views

CVE-2025-14652

CVE-2025-14652 affects itsourcecode Online Cake Ordering System 1.0. A SQL injection vulnerability exists in the /admindetail.php?action=edit endpoint via manipulation of the ID parameter. Exploitation is remote and the exploit has been publicly disclosed. Impact per sources includes confidential...

9.8CVSS6.8AI score0.00028EPSS

Cvelist•added 2025/12/14 9:2 a.m.•20 views

CVE-2025-14652 itsourcecode Online Cake Ordering System admindetail.php sql injection

7.5CVSS0.00028EPSS

Vulnrichment•added 2025/12/14 7:32 a.m.•1 views

CVE-2025-14649 itsourcecode Online Cake Ordering System supplier.php sql injection

CVE•added 2025/12/14 7:32 a.m.•7 views

CVE-2025-14649

CVE-2025-14649 affects itsourcecode Online Cake Ordering System 1.0. The vulnerability is in /cakeshop/supplier.php where manipulating the supplier parameter triggers an SQL injection. Exploitation can be performed remotely and the exploit is publicly available. No remediation/fix details are pro...

9.8CVSS7.4AI score0.00028EPSS

OSV•added 2025/12/14 4:15 a.m.•0 views

CVE-2025-14644

A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /updatesubject.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclos...

9.8CVSS5.8AI score

Exploits0References5

CVE•added 2025/12/14 3:32 a.m.•8 views

CVE-2025-14644

CVE-2025-14644 affects itsourcecode Student Management System 1.0. The vulnerability is an SQL injection in the /update_subject.php file triggered by manipulating the ID parameter, exploitable remotely. Public exploits exist per sources, and multiple feeds (NVD, Red Hat, EUVD, CNNVD, CVE records)...

9.8CVSS6.7AI score0.00028EPSS

Vulnrichment•added 2025/12/14 3:32 a.m.•1 views

CVE-2025-14644 itsourcecode Student Management System update_subject.php sql injection

7.5CVSS6.7AI score0.00028EPSS

NVD•added 2025/12/14 2:15 a.m.•2 views

CVE-2025-14639

A vulnerability was detected in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /uprec.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used...

9.8CVSS0.00028EPSS

Cvelist•added 2025/12/14 1:2 a.m.•16 views

CVE-2025-14639 itsourcecode Student Management System uprec.php sql injection

7.5CVSS0.00028EPSS

Vulnrichment•added 2025/12/14 1:2 a.m.•1 views

CVE-2025-14639 itsourcecode Student Management System uprec.php sql injection

CVE•added 2025/12/14 1:2 a.m.•7 views

CVE-2025-14639

CVE-2025-14639 affects itsourcecode Student Management System 1.0. The vulnerability is an SQL injection in the file /uprec.php caused by manipulating the ID parameter, with network-based remote exploitation reportedly possible and the exploit publicly available. Multiple connected sources corrob...

9.8CVSS7.3AI score0.00028EPSS

Vulnrichment•added 2025/12/14 12:32 a.m.•1 views

CVE-2025-14638 itsourcecode Online Pet Shop Management System update_cnp.php sql injection

A security vulnerability has been detected in itsourcecode Online Pet Shop Management System 1.0. This issue affects some unknown processing of the file /pet1/updatecnp.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE•added 2025/12/14 12:32 a.m.•7 views

CVE-2025-14638

CVE-2025-14638 affects the open-source system “itsourcecode Online Pet Shop Management System 1.0.” The vulnerability lies in the file “/pet1/update_cnp.php,” where manipulation of the ID parameter enables an SQL injection. Exploitation has been publicly disclosed and is described as remote, with...

9.8CVSS7.2AI score0.00028EPSS

CNNVD•added 2025/12/14 12:0 a.m.•1 views

itsourcecode Student Management System SQL注入漏洞

itsourcecode Student Management System is an open source student management system from itsourcecode. A SQL injection vulnerability exists in version 1.0 of itsourcecode Student Management System, which stems from incorrect manipulation of the parameter ID in the file /addrecord.php, which could...

9.8CVSS7.7AI score0.00028EPSS

CNNVD•added 2025/12/14 12:0 a.m.•1 views

itsourcecode Student Management System SQL注入漏洞

9.8CVSS7.7AI score0.00028EPSS

Positive Technologies•added 2025/12/14 12:0 a.m.•3 views

PT-2025-51163

A vulnerability has been found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the publ...

7.5CVSS7.2AI score0.00028EPSS

CNNVD•added 2025/12/14 12:0 a.m.•1 views

itsourcecode Online Pet Shop Management System SQL注入漏洞

itsourcecode Online Pet Shop Management System is itsourcecode open source online pet store management system. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Pet Shop Management System. The vulnerability stems from incorrect manipulation of the parameter ID in the file...

9.8CVSS7.7AI score0.00028EPSS