Brute Force

Overview signalk-server is an An implementation of a Signal K server for boats. Affected versions of this package are vulnerable to Brute Force via the processLoginRequest function. An attacker can gain unauthorized access by sending unlimited authentication attempts over a WebSocket connection,...

CVE-2018-25201

The CVE-2018-25201 issue affects School Management System CMS 1.0. An SQL injection in the admin login (processlogin endpoint) via the username parameter allows bypassing authentication by sending boolean-based blind payloads, enabling login as administrator without valid credentials. The vulnera...

CVE-2018-25195

Wecodex Hotel CMS 1.0 contains an SQL injection vulnerability in the admin login functionality that allows unauthenticated attackers to bypass authentication by injecting SQL code. Attackers can submit malicious SQL payloads through the username parameter in POST requests to index.php with...

CVE-2025-12938

A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /processlogin.php. The manipulation of the argument keywords leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

CVE-2025-12938

A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /processlogin.php. The manipulation of the argument keywords leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

CVE-2025-12938

A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /processlogin.php. The manipulation of the argument keywords leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

CVE-2025-12938

Summary: CVE-2025-12938 affects projectworlds Online Admission System 1.0. Affected component: file /process_login.php, where manipulation of the keywords parameter enables a SQL injection. The vulnerability is remote, with a publicly available exploit noted in the sources. Multiple feeds corrobo...

EUVD-2025-44044

A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /processlogin.php. The manipulation of the argument keywords leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

CVE-2025-12938 projectworlds Online Admission System process_login.php sql injection

A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /processlogin.php. The manipulation of the argument keywords leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

CVE-2025-12938 projectworlds Online Admission System process_login.php sql injection

A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /processlogin.php. The manipulation of the argument keywords leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

PT-2025-46140

Name of the Vulnerable Software and Affected Versions projectworlds Online Admission System version 1.0 Description A security issue exists in projectworlds Online Admission System version 1.0. The issue involves a SQL injection that can be triggered remotely through manipulation of the keywords...

Projectworlds Online Admission System SQL注入漏洞

Projectworlds Online Admission System is an online admission system from Projectworlds India. Projectworlds Online Admission System version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter keywords in the file /processlogin.php, which could le...

CVE-2025-6777

A vulnerability, which was classified as critical, has been found in code-projects Food Distributor Site 1.0. This issue affects some unknown processing of the file /admin/processlogin.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated...

CVE-2025-0298 code-projects Online Book Shop process_login.php sql injection

A vulnerability was found in code-projects Online Book Shop 1.0. It has been rated as critical. This issue affects some unknown processing of the file /processlogin.php. The manipulation of the argument usernm leads to sql injection. The attack may be initiated remotely. The exploit has been...

Code-Projects Online Book Shop 安全漏洞

Code-Projects Online Book Shop is a Code-Projects open source online bookstore. A security vulnerability exists in Code-Projects Online Book Shop version 1.0, which originates from an SQL injection vulnerability in the usernm parameter of the /processlogin.php page...

Hotel-Management-System 安全漏洞

Hotel-Management-System is a hotel management system by the individual developer Vaibhav Verma. Hotel-Management-System has a security vulnerability that stems from an issue in the login component processlogin.php that allows an attacker to authenticate without providing a valid password...

CVE-2023-44164

The 'Email' parameter of the processlogin.php resource does not validate the characters received and they are sent unfiltered to the database...

Design/Logic Flaw

The 'Email' parameter of the processlogin.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2022-24627

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is an unauthenticated SQL injection in the p parameter of the processlogin.php login form...

CVE-2022-24627

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is an unauthenticated SQL injection in the p parameter of the processlogin.php login form...