
2828 matches found

RedhatCVE
added 2025/08/17 11:7 a.m. · 5 views

CVE-2025-9047

A vulnerability has been found in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /visitorout.php. The manipulation of the argument rid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

CVSS 9.8 · AI score 7.7 · EPSS 0.00387
Exploits: 1 · References: 1

RedhatCVE
added 2025/08/17 8:29 a.m. · 11 views

CVE-2025-7662

The Gestion de tarifs plugin for WordPress is vulnerable to SQL Injection via the 'tarif' and 'intitule' shortcodes in all versions up to, and including, 1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

CVSS 6.5 · AI score 7.6 · EPSS 0.00286
Exploits: 0 · References: 1

RedhatCVE
added 2025/08/17 5:11 a.m. · 14 views

CVE-2025-9011

A vulnerability was determined in PHPGurukul Online Shopping Portal Project 2.0. Affected by this issue is some unknown functionality of the file /shopping/signup.php. The manipulation of the argument emailid leads to sql injection. The attack may be launched remotely. The exploit has been...

CVSS 9.8 · AI score 7.6 · EPSS 0.00371
Exploits: 0 · References: 1

RedhatCVE
added 2025/08/16 10:28 p.m. · 15 views

CVE-2025-8985

A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been...

CVSS 9.8 · AI score 7.7 · EPSS 0.00387
Exploits: 1 · References: 1

RedhatCVE
added 2025/08/16 7:23 p.m. · 5 views

CVE-2025-52797

Cross-Site Request Forgery (CSRF) vulnerability in josepsitjar StoryMap wp-storymap allows SQL Injection. This issue affects StoryMap: from n/a through <= 2.1...

CVSS 8.2 · AI score 5.9 · EPSS 0.0014
Exploits: 0 · References: 1

Vulnrichment
added 2025/08/16 3:38 a.m. · 4 views

CVE-2024-12612 School Management System for Wordpress <= 93.2.0 - Unauthenticated SQL Injection

The School Management System for Wordpress plugin for WordPress is vulnerable to SQL Injection via several parameters across multiple AJAX action in all versions up to, and including, 93.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

CVSS 7.5 · AI score 7.8 · EPSS 0.004
Exploits: 0 · References: 2

RedhatCVE
added 2025/08/16 3:31 a.m. · 9 views

CVE-2025-8930

A vulnerability was found in code-projects Medical Store Management System 1.0. This issue affects some unknown processing of the file UpdateCompany.java of the component Update Company Page. The manipulation of the argument companyNameTxt leads to sql injection. The attack may be initiated...

CVSS 8.8 · AI score 7.7 · EPSS 0.00352
Exploits: 1 · References: 1

Patchstack
added 2025/08/16 1:58 a.m. · 6 views

WordPress School Management System for Wordpress plugin <= 93.2.0 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Lucio Sá in WordPress Plugin School Management versions <= 93.2.0...

CVSS 7.5 · AI score 7.8 · EPSS 0.004
Exploits: 0 · References: 1 · Affected Software: 1

RedhatCVE
added 2025/08/15 8:32 p.m. · 12 views

CVE-2025-8926

A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been...

CVSS 9.8 · AI score 7.7 · EPSS 0.00387
Exploits: 1 · References: 1

Vulnrichment
added 2025/08/15 3:13 p.m. · 3 views

CVE-2025-49897 WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1...

CVSS 8.5 · AI score 7.9 · EPSS 0.00386
Exploits: 0 · References: 1

NVD
added 2025/08/15 12:15 p.m. · 5 views

CVE-2025-9051

A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

CVSS 9.8 · EPSS 0.00387
Exploits: 1 · References: 4

NVD
added 2025/08/15 12:15 p.m. · 8 views

CVE-2025-1929

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection. This issue affects Reel Sektör Hazine ve Risk Yönetimi...

CVSS 7.2 · EPSS 0.00426
Exploits: 0 · References: 2

Vulnrichment
added 2025/08/15 12:2 a.m. · 4 views

CVE-2025-8990 code-projects Online Medicine Guide browsemdcn.php sql injection

A vulnerability was determined in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /browsemdcn.php. The manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...

CVSS 7.5 · AI score 7.6 · EPSS 0.00387
Exploits: 1 · References: 5

Positive Technologies
added 2025/08/15 12:0 a.m. · 4 views

PT-2025-33483 · Projectworlds · Travel Management System

Name of the Vulnerable Software and Affected Versions: ProjectWorlds Travel Management System version 1.0 Description: A vulnerability exists in ProjectWorlds Travel Management System 1.0 related to SQL injection. The issue affects an unknown functionality within the /updatecategory.php file...

CVSS 9.8 · AI score 7.4 · EPSS 0.00387
Exploits: 1 · References: 9

Positive Technologies
added 2025/08/15 12:0 a.m. · 4 views

PT-2025-33433 · Surbowl · Dormitory-Management-Php

Name of the Vulnerable Software and Affected Versions: Surbowl dormitory-management-php version 1.0 Description: A vulnerability exists in Surbowl dormitory-management-php 1.0, specifically within the login.php file. Manipulation of the Account parameter results in a SQL injection. The attack can...

CVSS 7.5 · AI score 7.8 · EPSS 0.00505
Exploits: 1 · References: 8

CNNVD
added 2025/08/15 12:0 a.m. · 3 views

Code-Projects Online Medicine Guide Injection Vulnerability

Online Medicine Guide is an online medical guide. Online Medicine Guide suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter phuname in the file /adphar.php. The vulnerability can be exploited to execute illegal SQL...

CVSS 9.8 · AI score 8.2 · EPSS 0.00387
Exploits: 1 · References: 7

Positive Technologies
added 2025/08/15 12:0 a.m. · 7 views

PT-2025-33476 · Projectworlds · Visitor Management System

Name of the Vulnerable Software and Affected Versions: Projectworlds Visitor Management System version 1.0 Description: A vulnerability has been found in projectworlds Visitor Management System 1.0. The manipulation of the argument rid in an unknown function of the file /visitor out.php leads to...

CVSS 9.8 · AI score 7.5 · EPSS 0.00387
Exploits: 1 · References: 9

Positive Technologies
added 2025/08/15 12:0 a.m. · 6 views

PT-2025-33477 · Projectworlds · Travel Management System

Name of the Vulnerable Software and Affected Versions: projectworlds Travel Management System version 1.0 Description: A vulnerability exists in projectworlds Travel Management System 1.0, affecting an unknown functionality within the /addcategory.php file. Manipulation of the t1 argument results...

CVSS 9.8 · AI score 7.4 · EPSS 0.00387
Exploits: 1 · References: 9

Positive Technologies
added 2025/08/15 12:0 a.m. · 5 views

PT-2025-33513 · Hcl · Hcl Bigfix Saas Authentication Service

Name of the Vulnerable Software and Affected Versions: HCL BigFix SaaS Authentication Service affected versions not specified Description: HCL BigFix SaaS Authentication Service is affected by a SQL injection issue. The issue allows potential attackers to manipulate SQL queries. Recommendations: ...

CVSS 4.3 · AI score 7.1 · EPSS 0.00303
Exploits: 0 · References: 6

Positive Technologies
added 2025/08/15 12:0 a.m. · 6 views

PT-2025-33455 · Sourcecodester · Sourcecodester Online Dj Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Bank Management System version 1.0 Description: A vulnerability exists in SourceCodester Online Bank Management System up to version 1.0. The issue affects unknown code within the /bank/transfer.php file. Manipulation of...

CVSS 9.8 · AI score 8 · EPSS 0.00463
Exploits: 0 · References: 9