Student-Management-System SQL注入漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. Version 1.0 of Student-Management-System has a SQL injection vulnerability; this vulnerability stems from the email parameter on the login page, which may lead to remote attacks...

CVE-2026-7227

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function Login of the file /admin/ajax.php?action=login. The manipulation of the argument e-mail results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

CVE-2026-5180

A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

GHSA-X39M-3393-3QP4 Flowise doesn't Prevent Bypass of Password Confirmation through Unverified Email Change (credentials)

Summary Unverified Email Change - Email as part of Credential / Unverified Account Recovery Channel Change The application allows changing the account email address used as a login identifier and/or password recovery address without verifying the requester’s authority to make that change no...

PT-2025-40994

Name of the Vulnerable Software and Affected Versions SourceCodester Hotel and Lodge Management System version 1.0 Description A security flaw exists in SourceCodester Hotel and Lodge Management System 1.0. The issue involves SQL injection, potentially initiated remotely, through manipulation of...

CVE-2025-10796

A vulnerability was found in code-projects Hostel Management System 1.0. This vulnerability affects unknown code of the file /justines/admin/login.php. The manipulation of the argument email results in sql injection. The attack can be launched remotely. The exploit has been made public and could ...

Code-Projects Hostel Management System 安全漏洞

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter email in the file /justines/admin/login.php. An attacker can use this...

SourceCodester Open Source Clinic Management System 注入漏洞

SourceCodester Open Source Clinic Management System is an open source clinic management system from SourceCodester. An injection vulnerability exists in SourceCodester Open Source Clinic Management System version 1.0, which is caused by incorrect manipulation of the parameter email in the file...

PT-2024-17895 · Codeastro · Codeastro Simple Loan Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Simple Loan Management System version 1.0 Description: A critical issue has been found in the CodeAstro Simple Loan Management System. The problem affects an unknown functionality of the /index.php file in the Login component...

Best Courier Management System 安全漏洞

Best Courier Management System is a courier management system by Mayuri K. Individual developer. A security vulnerability exists in Best Courier Management System version v.1.0. A remote attacker can exploit this vulnerability to execute arbitrary code via the email parameter of a login request...

SourceCodester Point of Sales and Inventory Management System SQL注入漏洞

SourceCodester Point of Sales and Inventory Management System is a point of sale and inventory management system from SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester Point of Sales and Inventory Management System version 1.0, which originates from a SQL injection...

Sql injection

Pharmacy Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the email or password parameter at login.php...

PT-2022-8722 · Sourcecodester · Sourcecodester Mobile Shop System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Mobile Shop System in PHP MySQL version 1.0 Description: An SQL Injection issue exists in the system via the email parameter in the "login.php" or "LoginAsAdmin.php" files. This allows for potential exploitation. Recommendation...

GitLab: Email notification about login email changed is not received when using verified linked email address

Summary In https://gitlab.com/profile, user can update the email id to use for login to gitlab account using field "Email". Usually, when this login email id is updated, there will be 2 email sent on previous email Id with subjects as. Email 1 - Email Changed:- This tell that login email has been...