Tilesheets MediaWiki Extension SQL注入漏洞

Tilesheets MediaWiki Extension is a MediaWiki extension for Official FTB Wiki open source. Tilesheets MediaWiki Extension suffers from a SQL injection vulnerability that stems from a query missing backquotes, which could lead to a SQL injection attack...

CVE-2025-8498

A security vulnerability has been detected in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /cart/index.php. Such manipulation of the argument uname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly...

CVE-2025-8441

A vulnerability, which was classified as critical, was found in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /pharsignup.php. The manipulation of the argument phuname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-8438

A vulnerability classified as critical was found in code-projects Wazifa System 1.0. This vulnerability affects unknown code of the file /controllers/postpublish.php. The manipulation of the argument post leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed...

Vehicle Management /filter3.php File SQL Injection Vulnerability

Vehicle Management is a vehicle management system. Vehicle Management suffers from an SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the parameter company in file /filter3.php. An attacker can exploit this vulnerability to execute illega...

CVE-2025-8408

A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. Affected is an unknown function of the file /filter1.php. The manipulation of the argument vehicle leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

Kehua Charging Pile Cloud Platform 安全漏洞

Kehua Charging Pile Cloud Platform is a charging pile cloud platform from Kehua, China. A security vulnerability exists in Kehua Charging Pile Cloud Platform version 1.0, which originates from a SQL injection due to an error in the file /sys/task/findAllTask...

Pre-School Enrollment System SQL Injection Vulnerability

Pre-School Enrollment System is a web-based preschool enrollment system. The Pre-School Enrollment System suffers from a SQL injection vulnerability that originates from the /admin/password-recovery.php file not adequately validating the username parameter. An attacker can exploit this...

Exploit for SQL Injection in Piwigo

CVE-2024-43018 - x Assign an ID - X Be officially populate...

CVE-2025-8163

A vulnerability, which was classified as critical, was found in deerwms deer-wms-2 up to 3.3. This affects an unknown part of the file /system/role/list. The manipulation of the argument paramsdataScope leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-8135

A vulnerability, which was classified as critical, has been found in itsourcecode Insurance Management System 1.0. This issue affects some unknown processing of the file /updateAgent.php. The manipulation of the argument agentid leads to sql injection. The attack may be initiated remotely. The...

deer-wms-2 注入漏洞

deer-wms-2 is a Chinese deerwms open source warehouse management system . The vulnerability exists in deerwms deer-wms-2 3.3 and earlier versions, the vulnerability stems from the file /system/role/export on the parameter paramsdataScope incorrect operation leads to SQL injection...

WordPress SMTP for Amazon SES SQL Injection Vulnerability

WordPress SMTP for Amazon SES is a plugin or configuration solution for sending emails via Amazon Simple Email Service in WordPress sites. WordPress SMTP for Amazon SES suffers from a SQL injection vulnerability that stems from improper input neutralization, and no detailed vulnerability details...

Digiwin SFT SQL注入漏洞

Digiwin SFT is a production tracking system from China-based Digiwin. A SQL injection vulnerability exists in Digiwin SFT, which can be exploited by an unauthenticated, remote attacker to inject arbitrary SQL commands that could result in reading, modifying, and deleting database content...

Library System approve.php File SQL Injection Vulnerability

Library System is a library system. Library System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ID of the file /approve.php. An attacker can exploit this vulnerability to execute illegal SQL commands to ste...

Job Diary view-emp.php File SQL Injection Vulnerability

Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ID in the file /view-emp.php. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...

Crime Reporting System userlogin.php File SQL Injection Vulnerability

Crime Reporting System is a crime reporting system. Crime Reporting System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter email in the file /userlogin.php. An attacker can exploit this vulnerability to...

Dairy Farm Shop Management System edit-product.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter productname in the file...

Code-Projects Church Donation System 注入漏洞

Code-Projects Church Donation System is Code-Projects open source a church donation system. An injection vulnerability exists in Code-Projects Church Donation System version 1.0, which originates from a SQL injection attack due to a misbehavior of the parameter mobile in the file...

Exploit for CVE-2026-2058

CLOUD-CLASSROOMS-php-1.0 PoC - Sql Injection Erro Based Prese...