CVE-2025-56215
CVE-2025-56215 affects phpgurukul Hospital Management System 4.0, with a SQL Injection in contact.php through the pagetitle parameter. The vulnerability is described as an injection flaw in a PHP/MySQL-based system. According to the CVE details, the base impact is Low for confidentiality and inte...
PT-2025-34684 · Ruoyi-Go · Ruoyi-Go
Name of the Vulnerable Software and Affected Versions: ruoyi-go versions up to 2.1
Description: A weakness exists in the SelectListByPage function of the modules/system/dao/GenTableDao.go file. Manipulation of the isAsc/orderByColumn argument can lead to SQL injection. This issue is potentially...
PT-2025-34719 · Itsourcecode · Itsourcecode Online Tour/Travel Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0
Description: A weakness exists in itsourcecode Online Tour and Travel Management System 1.0, affecting an unknown part of the file /package.php. Manipulation of the subcatid...
Linux Distros Unpatched Vulnerability : CVE-2017-5611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by...
CVE-2024-53499
Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API...
CVE-2025-57761
WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...
Exploit for Improper Handling of Parameters in Fortinet Fortiweb
🚨 FortiWeb Authentication Bypass → Remote Code Execution...
CVE-2025-9255
WebITR by Uniong is affected by a SQL injection vulnerability that allows unauthenticated remote attackers to inject arbitrary SQL commands and read database contents. The available documents consistently describe this as a SQL injection issue in the WebITR system, without providing concrete deta...
CVE-2025-9255 Uniong|WebITR - SQL Injection
WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
PT-2025-34342 · Uniong · Webitr
Name of the Vulnerable Software and Affected Versions: WebITR affected versions not specified
Description: WebITR developed by Uniong is susceptible to a SQL Injection issue. This allows unauthenticated remote attackers to inject arbitrary SQL commands, potentially leading to the unauthorized...
CVE-2025-9155
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forgetpassword.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to...
CVE-2025-57761 WeGIA SQL Injection vulnerability via 'id_funcionario' param at endpoint `/html/funcionario/dependente_remover.php`
WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...
CVE-2025-9304 SourceCodester Online Bank Management System show.php sql injection
A weakness has been identified in SourceCodester Online Bank Management System 1.0. Impacted is an unknown function of the file /bank/show.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from a remote location. The exploit has been made...
CVE-2025-51506
In the smartLibrary component of the HRForecast Suite 0.4.3, a SQL injection vulnerability was discovered in the valueKey parameter. This flaw enables any authenticated user to execute arbitrary SQL queries, via crafted payloads to valueKey to the api/smartlibrary/v2/en/dictionaries/options/looku...
PT-2025-34248 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.10
Description: WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability exists in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This...
SourceCodester Online Bank Management System security vulnerability
SourceCodester Online Bank Management System is a SourceCodester open source online bank management system. A security vulnerability exists in SourceCodester Online Bank Management System version 1.0, which is caused by SQL injection due to incorrect manipulation of parameter IDs...
PHPGurukul Online Course Registration SQL injection vulnerability
Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter sesssion. An attacker can exploit this vulnerability to execute...