CVE-2025-7454

A vulnerability classified as critical has been found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected is an unknown function of the file /admin/managetheater.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2025-7157

A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...

Code-Projects Responsive Blog Site 注入漏洞

Code-Projects Responsive Blog Site is a responsive blog site from Code-Projects open source. Code-Projects Responsive Blog Site version 1.0 suffers from an injection vulnerability that stems from SQL injection due to incorrect manipulation of the parameter ID in the file /category.php...

Code-Projects E-Commerce Site Security Vulnerability

Code-Projects E-Commerce Site is an e-commerce site of Code-Projects open source. A security vulnerability exists in version 1.0 of the code-projects Library System, which stems from improper manipulation of the parameter idn in the file /teacher-issue-book.php, which could lead to an SQL injecti...

PHPGurukul Zoo Management System 注入漏洞

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cprice in the file /admin/add-normal-ticket.php. An attacker can exploit this...

Code-Projects Chat System 注入漏洞

Chat System is a chat system. Chat System suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter msg in the file /user/sendmessage.php. An attacker can exploit this vulnerability to execute illegal SQL commands...

Library System profile.php File SQL Injection Vulnerability

Library System is a library system. The Library System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter phone in the file /profile.php. An attacker can exploit this vulnerability to execute illegal SQL...

SUSE CVE-2024-4533

The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin users to perform SQL injection attacks...

CVE-2025-6739

The WPQuiz plugin for WordPress is vulnerable to SQL Injection via the 'id' attribute of the 'wpquiz' shortcode in all versions up to, and including, 0.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

PHPGurukul Old Age Home Management System 安全漏洞

PHPGurukul Old Age Home Management System is a nursing home management system from PHPGurukul, Inc. A security vulnerability exists in version 1.0 of the PHPGurukul Old Age Home Management System, which originates from a SQL injection due to incorrect manipulation of the parameter sertitle in the...

Code-Projects Daily Expense Manager SQL注入漏洞

Daily Expense Manager is a daily expense management system. Daily Expense Manager suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements for the parameters pname, pprice, and id in the file /update.php. No details of the vulnerabilit...

PHPGurukul Zoo Management System 注入漏洞

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter viewid in file /admin/view-normal-ticket.php. An attacker can exploit this...

Online Shoe Store admin_football.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter pid in the file /admin/adminfootball.php. The vulnerability can be exploited to execute...

Online Shoe Store admin_product.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter pid in the file /admin/adminproduct.php. An attacker can exploit this vulnerability to...

Online Shoe Store cart.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter qty in the file /cart.php. The vulnerability can be exploited to execute illegal SQL...

Simple Online Hotel Reservation System add_account.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter name/adminid in the file...

hosporder 注入漏洞

update, etc. are products of Aaron individual developer. update is a library. clickHouse ch, etc. are products of ClickHouse open source. ch is a low-level Go client for ClickHouse. brian Smith ring, etc. are products of Brian Smith individual developer. ring is a library. An injection...

Directory Management System search-directory.php File SQL Injection Vulnerability

Directory Management System is a directory management system. Directory Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter searchdata in the file /admin/search-directory.php. An attacker can...

Code-Projects Car Rental System 注入漏洞

Car Rental System is a car rental system. Car Rental System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the messageadmin.php file's parameter Message. An attacker can use this vulnerability to execute illegal SQL commands...

Code-Projects Inventory Management System 安全漏洞

Inventory Management System is an inventory management system. Inventory Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the categoriesId parameter in the /phpaction/fetchSelectedCategories.php file against externally entered SQL...