CloudClassroom-PHP-Project SQL注入漏洞

CloudClassroom-PHP-Project is a cloud classroom website by the individual developer Vishal Mathur. A security vulnerability exists in CloudClassroom-PHP-Project v1.0 that stems from insufficient validation of the parameter pass input in the registrationform endpoint, which could lead to an SQL...

Aem Solutions CMS 注入漏洞

Aem Solutions CMS is a software for content management from Aem Solutions, USA. An injection vulnerability exists in Aem Solutions CMS version 1.0 and prior versions, which stems from SQL injection due to incorrect manipulation of the parameter ID in the file /page.php...

CVE-2025-5224

A vulnerability classified as critical has been found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/add-doctor.php. The manipulation of the argument Doctorspecialization leads to sql injection. It is possible to launch the attack remotely...

CVE-2025-40665

Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through ArbolID parameter in /GIMWeb/PC/frmCorrectivosList.aspx...

CVE-2025-5170

A vulnerability classified as critical was found in llisoft MTA Maita Training System 4.5. This vulnerability affects the function AdminShitiListRequestVo of the file com\llisoft\controller\admin\shiti\AdminShitiController.java. The manipulation of the argument stTypeIds leads to sql injection. T...

CVE-2025-5152

A vulnerability classified as critical was found in Chanjet CRM up to 20250510. This vulnerability affects unknown code of the file /activity/newActivityedit.php?DontCheckLogin=1&id=null&ret=mod1. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated...

CVE-2024-51101

PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /rtbs/check-status.php...

CVE-2024-3465

A vulnerability was found in SourceCodester Laundry Management System 1.0. It has been classified as critical. Affected is the function laporanfilter of the file /application/controller/Transaki.php. The manipulation of the argument dari/sampai leads to sql injection. It is possible to launch the...

CVE-2024-5898

A vulnerability was found in itsourcecode Payroll Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file printpayroll.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has...

CVE-2024-5678

Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature...

CVE-2024-1100

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Vadi Corporate Information Systems DIGIKENT GIS allows SQL Injection. This issue affects DIGIKENT GIS: through 2.23.5...

CVE-2024-48255

Cloudlog 2.6.15 allows Oqrs.php getstationinfo stationid SQL injection...

CVE-2024-48357

LyLme Spage 1.2.0 through 1.6.0 is vulnerable to SQL Injection via /admin/apply.php...

CVE-2024-48222

Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit...

CVE-2023-0303

A vulnerability was found in SourceCodester Online Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file viewprod.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has...

CVE-2023-26525

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy.This issue affects Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own...

CVE-2023-2412

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/user/manageuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2023-24777

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list...

CVE-2023-2095

A vulnerability was found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/maintenance/managecategory.php. The manipulation of the argument id leads to sql injection. The attack may be initiated...

CVE-2023-2089

A vulnerability was found in SourceCodester Complaint Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/userprofile.php of the component GET Parameter Handler. The manipulation of the argument uid leads to sql injection. The attack...