CVE-2025-13299

A flaw has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. This impacts an unknown function of the file /user/controller.php. Executing a manipulation can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used...

PT-2025-47068

Name of the Vulnerable Software and Affected Versions itsourcecode Inventory Management System version 1.0 Description A SQL injection issue exists in itsourcecode Inventory Management System. The issue is triggered by manipulating the PROID argument in the /index.php?q=product endpoint. This...

EUVD-2019-8185

Malware in sbrugna...

EUVD-2025-14093

Malicious code in bioql PyPI...

EUVD-2024-47329

Malicious code in bioql PyPI...

EUVD-2023-50266

Malicious code in bioql PyPI...

CVE-2025-6959 Campcodes Employee Management System eloginwel.php sql injection

A vulnerability classified as critical has been found in Campcodes Employee Management System 1.0. Affected is an unknown function of the file /eloginwel.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed t...

CVE-2024-46377

Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the savesettings function of the file rental/adminclass.php...

PT-2025-18046 · Unknown · Phpgurukul Covid19 Testing Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul COVID19 Testing Management System version 1.0 Description: A critical vulnerability was found in the PHPGurukul COVID19 Testing Management System. This issue affects unknown code in the file /password-recovery.php. The manipulation...

CVE-2025-3685

A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. Affected is an unknown function of the file /editfpatient.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...

CVE-2025-3174 Project Worlds Online Lawyer Management System searchLawyer.php sql injection

A vulnerability has been found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /searchLawyer.php. The manipulation of the argument experience leads to sql injection. The attack can be launched...

CVE-2024-10752

A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file /productsadd.php. The manipulation of the argument id/name leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2024-54818

SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list...

CVE-2024-13004

A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 1.0. This affects an unknown part of the file /admin/category.php. The manipulation of the argument state leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-11678

CodeAstro Hospital Management System 1.0 is affected by a cross-site scripting vulnerability in /backend/doc/his_doc_register_patient.php. The issue arises from manipulating the parameters pat_fname, pat_ailment, pat_lname, pat_age, pat_dob, pat_number, pat_phone, pat_type, and pat_addr, allowing...

CVE-2024-11677

CVE-2024-11677 concerns CodeAstro Hospital Management System 1.0. The vulnerability affects the Add Vendor Details Page, specifically the file path /backend/admin/his_admin_add_vendor.php, where manipulation of the parameters v_name, v_adr, v_number, v_email, v_phone, and v_desc can trigger a cro...

CVE-2024-11661

The CVE-2024-11661 entry concerns Codezips Free Exam Hall Seating Management System 1.0, specifically the Profile Image Handler's profile.php. The vulnerability is triggered by manipulating the image parameter, leading to unrestricted file upload. It is described as exploitable remotely, with the...

CVE-2024-11257

A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-50972

CVE-2024-50972 affects Itsourcecode Construction Management System 1.0. A SQL injection flaw exists in printtool.php that allows remote attackers to execute arbitrary SQL commands via the borrow_id parameter. The issue is supported by multiple sources (NVD, Red Hat, CNNVD, PT Security, CIRCL, CVE...

CVE-2024-50972

A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrowid parameter...