CVE-2026-9450

A security flaw has been discovered in code-projects Employee Management System 1.0. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public a...

CVE-2026-9450

A security flaw has been discovered in code-projects Employee Management System 1.0. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public a...

CVE-2026-9450 code-projects Employee Management System psubmit.php sql injection

A security flaw has been discovered in code-projects Employee Management System 1.0. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public a...

CVE-2026-9450

The CVE-2026-9450 entry concerns code-projects Employee Management System 1.0. A SQL injection vulnerability exists in /psubmit.php via the pid parameter. The issue is exploitable remotely, with exploitation maturity listed as PROOF-OF-CONCEPT. Affected component/function is unknown beyond /psubm...

PT-2026-43037

A security flaw has been discovered in code-projects Employee Management System 1.0. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public a...

Code-Projects Employee Management System SQL注入漏洞

Code-Projects Employee Management System is a Code-Projects open source employee management system . Code-Projects Employee Management System version 1.0 suffers from a SQL injection vulnerability that originates from the operation of the parameter pid by an unknown function in the /psubmit.php...

CVE-2026-7410

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...

CVE-2026-7410

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...

EUVD-2026-26292

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...

PT-2026-36016

Name of the Vulnerable Software and Affected Versions SourceCodester Pizzafy Ecommerce System version 1.0 Description Remote SQL injection is possible via the manipulation of the pid argument in the '/admin/ajax.php?action=add to cart' endpoint. SQL injection is a type of flaw that allows an...

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability, which arises from the parameter pid being manipulated in the file admin/ajax.php?action=addtocart...

EUVD-2023-60550

WordPress adivaha Travel Plugin 2.3 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pid' GET parameter. Attackers can send requests to the /mobile-app/v3/ endpoint with crafted 'pid'...

CVE-2023-54359

WordPress adivaha Travel Plugin 2.3 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pid' GET parameter. Attackers can send requests to the /mobile-app/v3/ endpoint with crafted 'pid'...

CVE-2023-54359

The affected product is WordPress adivaha Travel Plugin 2.3. The vulnerability is a time-based blind SQL injection in the pid parameter, exploitable via the /mobile-app/v3/ endpoint, allowing unauthenticated attackers to manipulate queries and potentially extract sensitive data. The description n...

CVE-2023-54359 WordPress adivaha Travel Plugin 2.3 SQL Injection via pid

WordPress adivaha Travel Plugin 2.3 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pid' GET parameter. Attackers can send requests to the /mobile-app/v3/ endpoint with crafted 'pid'...

PT-2026-31726

Name of the Vulnerable Software and Affected Versions WordPress adivaha Travel Plugin version 2.3 Description The adivaha Travel Plugin for WordPress version 2.3 contains a time-based blind SQL injection vulnerability. Unauthenticated attackers can manipulate database queries by injecting SQL cod...

CVE-2025-50657

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint...

D-Link DI-8003 安全漏洞

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. The D-Link DI-8003 suffers from a buffer overflow vulnerability that originates from improper handling of the pid parameter in the /trace.asp endpoint, which can be exploited by an attacker to cause a denial of service...

PT-2026-31381

CVE-2025-50657 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint. https://t.co/1WRVJZ8huB...

CVE-2025-50657

The CVE-2025-50657 entry concerns D-Link DI-8003 router firmware (16.07.26A1). The concrete issue is a buffer overflow caused by improper handling of the pid parameter in the /trace.asp endpoint. Descriptions across CNVD, RH, EUVD, NVD and CVE records consistently indicate this vulnerability can ...