139 matches found
CVE-2024-51360
An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary code via the hms/doctor/edit-profile.php file...
CVE-2023-1397
A vulnerability classified as problematic has been found in SourceCodester Online Student Management System 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument adminname leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2022-41537
Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /useroperations/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
Human Metapneumovirus Testing Management System /profile.php File SQL Injection Vulnerability
Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. The Human Metapneumovirus Testing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter...
Complaint Management System /admin/admin-profile.php File SQL Injection Vulnerability
Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter mobilenumber in the file /admin/admin-profile.php. An attacker can...
CVE-2025-4861
A vulnerability classified as critical was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be launched...
PHPGurukul Beauty Parlour Management System 注入漏洞
Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of the contactnumber parameter in the fil...
CVE-2025-4812
A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiat...
CVE-2025-4724
A vulnerability, which was classified as critical, has been found in itsourcecode Placement Management System 1.0. Affected by this issue is some unknown functionality of the file /studentprofile.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely...
CVE-2025-4722
A vulnerability classified as critical has been found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file /editprofile.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
itsourcecode Placement Management System 注入漏洞
itsourcecode Placement Management System is an open source placement management system from itsourcecode. An injection vulnerability exists in version 1.0 of itsourcecode Placement Management System, which originates from a SQL injection due to incorrect manipulation of the parameter Name in the...
Company Visitor Management System /admin-profile.php File SQL Injection Vulnerability
Company Visitor Management System is a visitor management system. Company Visitor Management System is vulnerable to a SQL injection vulnerability that originates from an incorrect manipulation of the parameter adminname in the file /admin-profile.php that results in SQL injection. No details of...
Park Ticketing Management System /profile.php File SQL Injection Vulnerability
Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that stems from an incorrect manipulation of the parameter adminname in the /profile.php file that results in SQL injection. No details of the...
PHPGurukul Company Visitor Management System SQL注入漏洞
Company Visitor Management System is a visitor management system. Company Visitor Management System is vulnerable to a SQL injection vulnerability that originates from an incorrect manipulation of the parameter adminname in the file /admin-profile.php that results in SQL injection. No details of...
CVE-2025-3370
A vulnerability classified as critical has been found in PHPGurukul Men Salon Management System 1.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. It is possible to initiate the attack remotely. The exploi...
CVE-2025-3235
A vulnerability was found in PHPGurukul Old Age Home Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/profile.php. The manipulation of the argument adminname/contactnumber leads to sql injection. It is possible to initiate the attack...
CVE-2025-3184
A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This issue affects some unknown processing of the file /patient/profile.php?patientId=1. The manipulation of the argument patientFirstName leads to sql injection. The attack may be...
Bank Locker Management System profile.php file SQL Injection Vulnerability
Bank Locker Management System is a bank locker management system. Bank Locker Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the profile.php file's parameter mobilenumber. An attacker can exploit this...
CVE-2025-2683
A vulnerability classified as critical was found in PHPGurukul Bank Locker Management System 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-2646 PHPGurukul Art Gallery Management System admin-profile.php sql injection
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be...