PT-2025-35517

Name of the Vulnerable Software and Affected Versions: RemoteClinic version 2.0 Description: A SQL injection issue exists in RemoteClinic 2.0 due to the manipulation of the ID argument in the /staff/profile.php file. The attack can be executed remotely. Recommendations: At the moment, there is no...

itsourcecode Apartment Management System 安全漏洞

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from the lack of validation of an externally entered SQL statement in the parameter userid in the file /ajax/updateProfile.php. An attacker can exploit...

CVE-2025-8985

A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-8985 SourceCodester COVID 19 Testing Management System profile.php sql injection

A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been...

Online Banquet Booking System Cross-Site Scripting Vulnerability

Online Banquet Booking System is an online banquet booking system. A cross-site scripting vulnerability exists in Online Banquet Booking System, which originates from the failure to strictly filter the adminname parameter in the /admin/admin-profile.php file. An attacker can exploit this...

CVE-2025-7942

A vulnerability has been found in PHPGurukul Taxi Stand Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. The attack can be...

PHPGurukul Online Banquet Booking System 安全漏洞

Online Banquet Booking System is an online banquet booking system. A cross-site scripting vulnerability exists in Online Banquet Booking System, which originates from the failure to strictly filter the adminname parameter in the /admin/admin-profile.php file. An attacker can exploit this...

PT-2025-30262 · Unknown · Phpgurukul Online Banquet Booking System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Banquet Booking System version 1.0 Description: A problematic vulnerability exists in an unknown functionality of the file /admin/admin-profile.php. Manipulation of the adminname argument leads to cross-site scripting. The...

PHPGurukul Apartment Visitors Management System 代码注入漏洞

PHPGurukul Apartment Visitors Management System is an apartment visitor management system from PHPGurukul. A code injection vulnerability exists in version 1.0 of the PHPGurukul Apartment Visitors Management System, which originates from cross-site scripting due to improper handling of the...

PHPGurukul Vehicle Parking Management System 注入漏洞

Vehicle Parking Management System is a parking management system. Vehicle Parking Management System suffers from a SQL injection vulnerability that stems from an error in the parameter firstname in the file /users/profile.php that lacks validation of an externally entered SQL statement. An attack...

Code-Projects Library System 代码问题漏洞

Library System is a library system. Library System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter image in the file /user/teacher/profile.php. An attacker can exploit this vulnerability to upload malicious files...

Library System profile.php File SQL Injection Vulnerability

Library System is a library system. The Library System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter phone in the file /profile.php. An attacker can exploit this vulnerability to execute illegal SQL...

CVE-2025-6836

A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2025-6333

A vulnerability, which was classified as critical, was found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to sql injection. It is possible to initiate the attack remotely. The...

PHPGurukul Notice Board System 安全漏洞

Notice Board System is a bulletin board system. A SQL injection vulnerability exists in the Notice Board System, which originates from a lack of validation of externally-entered SQL statements in the parameter mobilenumber in file /admin-profile.php. An attacker can exploit this vulnerability to...

PT-2025-23893 · Unknown · Phpgurukul Notice Board System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Notice Board System version 1.0 Description: A critical vulnerability has been found in the PHPGurukul Notice Board System, affecting an unknown functionality of the file /admin-profile.php. The manipulation of the mobilenumber...

CodeAstro Real Estate Management System SQL注入漏洞

CodeAstro Real Estate Management System is a real estate management system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Real Estate Management System version 1.0, which is caused by incorrect manipulation of the parameter content in the file /profile.php...

CVE-2025-5431

A vulnerability, which was classified as critical, was found in AssamLook CMS 1.0. Affected is an unknown function of the file /department-profile.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2025-5207

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

CVE-2024-51360

An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary code via the hms/doctor/edit-profile.php file...