29 matches found
CVE-2025-56605
CVE-2025-56605 concerns PuneethReddyHC Event Management System 1.0. The issue is a reflected XSS in the register.php backend script where the mobile POST parameter is not sanitized and is echoed back in the HTTP response. This allows an attacker to inject and execute arbitrary JavaScript in a vic...
CVE-2025-56605
A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobile POST parameter is improperly validated and echoed back in the HTTP response without sanitization, allowing an attacker to inject and execute...
EUVD-2024-55095
PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the email and mobileno parameters in reset-password.php...
EUVD-2025-29196
Malicious code in bioql PyPI...
CVE-2025-56252
Cross-Site Scripting (XSS) vulnerability in ServitiumCRM 2.10 allowing attackers to execute arbitrary code via a crafted URL to the mobile parameter...
PT-2025-37706
Name of the Vulnerable Software and Affected Versions: ServitiumCRM version 2.10 Description: A cross-site scripting (XSS) issue exists in ServitiumCRM version 2.10. This allows attackers to execute arbitrary code through a crafted URL targeting the mobile parameter. Recommendations: Sanitize or...
CVE-2025-56252
CVE-2025-56252 is a documented XSS in ServitiumCRM 2.10, exploitable via a crafted URL to the mobile parameter, potentially allowing arbitrary code execution. The issue is publicly described across multiple feeds; remediation guidance (e.g., PT-2025-37706) recommends sanitizing/encoding the mobil...
Church Donation System reg.php File SQL Injection Vulnerability
The Church Donation System is a church giving system. It suffers from a SQL injection vulnerability that stems from a lack of validation of externally supplied input in the mobile parameter of the file /reg.php. An attacker can exploit this vulnerability to execut...
CVE-2025-7930
A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /members/addmembers.php. The manipulation of the argument mobile leads to sql injection. The attack can be launched...
PT-2025-30303 · Unknown · Church Donation System
Name of the Vulnerable Software and Affected Versions: Church Donation System version 1.0 Description: A critical issue exists in an unknown functionality of the file /members/addmembers.php. Manipulation of the mobile argument can lead to SQL injection. The attack can be launched remotely. The...
Code-Projects Church Donation System Injection Vulnerability
The Church Donation System is a church giving system. It suffers from a SQL injection vulnerability that stems from a lack of validation of externally supplied input in the mobile parameter of the file /reg.php. An attacker can exploit this vulnerability to execut...
Vehicle Record Management System profile.php file cross-site scripting vulnerability
Vehicle Record Management System is a vehicle record management system. Vehicle Record Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the name, email, and mobile parameters in...
CVE-2025-44183
Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross-Site Scripting (XSS) in /admin/profile.php via the name, email, and mobile parameters...
PHPGurukul Vehicle Record Management System Security Vulnerability
Vehicle Record Management System is a vehicle record management system. Vehicle Record Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the name, email, and mobile parameters in...
CVE-2025-44183
CVE-2025-44183 affects Phpgurukul Vehicle Record Management System v1.0. The vulnerability is a Cross-Site Scripting (XSS) issue in the /admin/profile.php endpoint via the parameters name, email, and mobile. Root cause per sources is lack of proper filtering/escaping of user-supplied data. Impact de...
PHPGurukul Pre-School Enrollment System Injection Vulnerability
PHPGurukul Pre-School Enrollment System is a web-based preschool enrollment system from PHPGurukul, Inc. An injection vulnerability exists in version 1.0 of the PHPGurukul Pre-School Enrollment System that stems from improper manipulation of the fullname/emailid/mobileNumber parameters, which cou...