CVE-2025-11588

A vulnerability was identified in CodeAstro Gym Management System 1.0. This impacts an unknown function of the file /customer/index.php. Such manipulation of the argument fullname leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used...

CVE-2025-11585 code-projects Project Monitoring System useredit.php sql injection

A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2025-11480

A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument registerusername results in sql injection. The attack is possible to be carried out remotely. The exploit ...

Code-Projects Computer Laboratory System 安全漏洞

Computer Laboratory System is a computer laboratory system. The Computer Laboratory System suffers from a SQL injection vulnerability that originates from a lack of validation of an externally entered SQL statement in the password field of the login page, which can be exploited by an attacker to...

JeeWMS 安全漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS version 20250820, which stems from the exportXls function not handling input correctly, which could lead to an SQL injection attack...

CodeAstro Gym Management System SQL注入漏洞

CodeAstro Gym Management System is a gym management system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Gym Management System version 1.0, which stems from an incorrect manipulation of the parameter fullname in the file /customer/index.php, which could lead to a SQL injection...

EUVD-2025-33579

A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched remotely. The exploit ha...

CVE-2025-11555

CVE-2025-11555 concerns Campcodes Online Learning Management System v1.0. Multiple connected sources confirm a SQL injection in the /admin/calendar_of_events.php script caused by unsafely manipulating the date_start parameter. The vulnerability is exploitable remotely and exploit code is publicly...

CVE-2025-60267

In xckk v9.6, there is a SQL injection vulnerability in which the cond parameter in notice/list is not securely filtered, resulting in a SQL injection vulnerability...

CampCodes Online Learning Management System 安全漏洞

CampCodes Online Learning Management System is an online learning management system from CampCodes Philippines, Inc. A security vulnerability exists in CampCodes Online Learning Management System version 1.0, which stems from an incorrect manipulation of the parameter datestart in the file...

Code-Projects Online Complaint Site SQL注入漏洞

Online Complaint Site is an online complaint site. Online Complaint Site suffers from a SQL injection vulnerability that originates from the lack of validation of the parameter state in the file /cms/admin/state.php for externally entered SQL statements. An attacker can exploit this vulnerability...

PT-2025-41323

Name of the Vulnerable Software and Affected Versions code-projects Online Complaint Site version 1.0 Description A security flaw exists in code-projects Online Complaint Site version 1.0. The issue involves SQL injection due to manipulation of the cid argument when processing the file...

PT-2025-41462

Name of the Vulnerable Software and Affected Versions Simple Leave Manager version 1.0 Description A SQL injection issue exists in the Simple Leave Manager 1.0 application. The flaw is located in the /user.php file and stems from improper handling of user-supplied input within the argument table,...

CVE-2025-11478

A weakness has been identified in SourceCodester Farm Management System 1.0. This issue affects some unknown processing of the file /myCart.php. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the...

EUVD-2025-33160

A security flaw has been discovered in SourceCodester Wedding Reservation Management System 1.0. This vulnerability affects unknown code of the file /global.php. The manipulation of the argument User results in sql injection. The attack may be launched remotely. The exploit has been released to t...

CVE-2025-11477

Summary: CVE-2025-11477 affects SourceCodester Wedding Reservation Management System 1.0. The flaw occurs in /global.php where manipulation of the User parameter enables a SQL injection. The vulnerability can be exploited remotely and exploits have been released publicly. Multiple connected sourc...

EUVD-2025-33174

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...

GHSA-MRMX-JFW8-QHGV Melis Platform CMS SQL Injection

SQL injection vulnerability based on the melis-cms module of the Melis platform from Melis Technology. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'idPage' parameter in the '/melis/MelisCms/PageEdition/getTinyTemplates' endpoint...

CVE-2025-11422

A vulnerability has been found in Campcodes Advanced Online Voting Management System 1.0. The impacted element is an unknown function of the file /admin/login.php. Such manipulation of the argument Username leads to sql injection. The attack can be executed remotely. The exploit has been disclose...

Projectworlds Gym Management System 安全漏洞

Projectworlds Gym Management System is a gym management system from Projectworlds India. A security vulnerability exists in Projectworlds Gym Management System version 1.0, which stems from an incorrect manipulation of the parameter id in the profile/edit.php page, which could lead to a SQL...