975 matches found
CVE-2025-69563
code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExLogin.php via the Password parameter...
CVE-2025-69564
code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExAddNewUser.php via the Name, Address, email, UserName, Password, confirmpassword, Role, Branch, and Activate parameters...
CVE-2025-69563
code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExLogin.php via the Password parameter...
PT-2026-4951
code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExLogin.php via the Password parameter...
EUVD-2025-206392
code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExLogin.php via the Password parameter...
CVE-2025-69563
The provided data confirms CVE-2025-69563 affects code-projects Mobile Shop Management System 1.0 and is due to a SQL Injection in /ExLogin.php through the Password parameter. The vulnerability is described as high impact (C/H/I/A) with CVSS v3.1 base score 9.8 (CRITICAL), attack vector Network, ...
CVE-2021-47846
Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability affecting multiple login pages that allows unauthenticated attackers to bypass authentication. Attackers can exploit the vulnerability by sending crafted SQL injection payloads in email and password...
CVE-2021-47846
Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability affecting multiple login pages that allows unauthenticated attackers to bypass authentication. Attackers can exploit the vulnerability by sending crafted SQL injection payloads in email and password...
EUVD-2026-3637
Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability affecting multiple login pages that allows unauthenticated attackers to bypass authentication. Attackers can exploit the vulnerability by sending crafted SQL injection payloads in email and password...
PT-2026-2430
Name of the Vulnerable Software and Affected Versions WorkOrder CMS version 0.1.0 Description WorkOrder CMS version 0.1.0 has a SQL injection issue. An unauthenticated attacker can bypass login by manipulating the username and password parameters. Attackers can inject malicious SQL queries, such ...
CVE-2025-59468
This vulnerability allows a Backup Administrator to perform remote code execution RCE as the postgres user by sending a malicious password parameter...
CVE-2023-40834
OpenCart CMS v4.0.2.2 was discovered to lack a protective mechanism on its login page against excessive login attempts, allowing unauthenticated attackers to gain access to the application via a brute force attack to the password parameter...
CVE-2022-38637
Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page...
CVE-2022-37153
An issue was discovered in Artica Proxy 4.30.000000. There is a XSS vulnerability via the password parameter in /fw.login.php...
CVE-2024-34308
TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a stack overflow via the password parameter in the function urldecode...
CVE-2025-59468
This vulnerability allows a Backup Administrator to perform remote code execution RCE as the postgres user by sending a malicious password parameter...
CVE-2025-59468
This vulnerability allows a Backup Administrator to perform remote code execution RCE as the postgres user by sending a malicious password parameter...
CVE-2025-59468
This vulnerability allows a Backup Administrator to perform remote code execution RCE as the postgres user by sending a malicious password parameter...
CVE-2025-59468
This vulnerability allows a Backup Administrator to perform remote code execution RCE as the postgres user by sending a malicious password parameter...
Code-Projects Online Product Reservation System SQL注入漏洞
Code-Projects Online Product Reservation System is a Code-Projects open source online product reservation system. A SQL injection vulnerability exists in Code-Projects Online Product Reservation System version 1.0, which originates from a misuse of the parameters emailadd/pass in the file...