2787 matches found

Positive Technologies
added 2025/09/06 12:0 a.m. | 4 views

PT-2025-36369

Name of the Vulnerable Software and Affected Versions: Campcodes Grocery Sales and Inventory System version 1.0 Description: A weakness exists in Campcodes Grocery Sales and Inventory System 1.0 related to the processing of the /ajax.php?action=save receiving file. Manipulation of the ID argument...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.00441
Exploits: 1 | References: 12

RedhatCVE
added 2025/09/05 10:26 p.m. | 7 views

CVE-2025-9932

A flaw has been found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /admin/update-image.php. This manipulation of the argument lid causes sql injection. The attack may be initiated remotely. The exploit has been publishe...

CVSS: 9.8 | AI score: 7.1 | EPSS: 0.00405
Exploits: 1 | References: 1

RedhatCVE
added 2025/09/05 9:31 p.m. | 6 views

CVE-2025-9928

A security flaw has been discovered in projectworlds Travel Management System 1.0. The impacted element is an unknown function of the file /viewcategory.php. Performing manipulation of the argument t1 results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.00405
Exploits: 1 | References: 1

Vulnrichment
added 2025/09/05 1:44 p.m. | 3 views

CVE-2025-58788 WordPress License Manager for WooCommerce Plugin <= 3.0.12 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal License Manager for WooCommerce license-manager-for-woocommerce allows Blind SQL Injection. This issue affects License Manager for WooCommerce: from n/a through = 3.0.12...

CVSS: 7.6 | AI score: 5.9 | EPSS: 0.00346
Exploits: 0 | References: 1

Tenable Nessus
added 2025/09/05 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-40315

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A limited SQL injection risk was identified in the browse list of users site administration page. CVE-2022-40315 Note that Nessus relies on the presence of the...

CVSS: 9.8 | AI score: 6.4 | EPSS: 0.0083
Exploits: 0 | References: 2

CNNVD
added 2025/09/03 12:0 a.m. | 3 views

WordPress plugin Mail Mint SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVSS: 7.6 | AI score: 7.6 | EPSS: 0.00331
Exploits: 0 | References: 1

CVE
added 2025/09/02 11:2 p.m. | 16 views

CVE-2025-9840

The CVE-2025-9840 issue affects itsourcecode Sports Management System version 1.0, specifically the /Admin/gametype.php file. The root cause is an unsafely handled parameter (code) that allows SQL injection, enabling remote exploitation. Public exploits have been reported, and multiple sources de...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.00323
Exploits: 1 | References: 5 | Affected Software: 1

RedhatCVE
added 2025/09/02 7:32 p.m. | 4 views

CVE-2025-9742

A vulnerability was identified in code-projects Human Resource Integrated System 1.0. This issue affects some unknown processing of the file /login.php. Such manipulation of the argument user/pass leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.0041
Exploits: 1 | References: 1

RedHat Linux
added 2025/09/02 5:24 a.m. | 3 views

postgresql: PostgreSQL executes arbitrary code in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pg_dump, pg_dumpall, pg_restore, and pg_upgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...

CVSS: 8.8 | AI score: 7.9 | EPSS: 0.00385
Exploits: 0 | References: 5

CNVD
added 2025/09/02 12:0 a.m. | 4 views

Simple Grading System delete_account.php File SQL Injection Vulnerability

Simple Grading System is a simple grading system. Simple Grading System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID in the file /delete_account.php. An attacker can exploit this vulnerability to execute...

CVSS: 8.8 | AI score: 8.2 | EPSS: 0.00351
Exploits: 1 | References: 1

CNNVD
added 2025/09/02 12:0 a.m. | 3 views

RemoteClinic Security Vulnerability

RemoteClinic is a clinic management system from RemoteClinic open source. A security vulnerability exists in RemoteClinic version 2.0, which stems from a SQL injection due to incorrect manipulation of the parameter ID in the file /staff/profile.php...

CVSS: 5.8 | AI score: 5.6 | EPSS: 0.0024
Exploits: 0 | References: 6

Positive Technologies
added 2025/09/02 12:0 a.m. | 4 views

PT-2025-35612

Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.1 Description: A weakness exists in PHPGurukul Beauty Parlour Management System 1.1. The issue is related to SQL injection in the /admin/edit-services.php file. Manipulation of the sername...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.00387
Exploits: 1 | References: 7

Tenable Nessus
added 2025/09/02 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2023-41320

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses...

CVSS: 9.8 | AI score: 8.3 | EPSS: 0.32099
Exploits: 0 | References: 2

Tenable Nessus
added 2025/09/02 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2023-28329

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of profile field availability condition resulted in an SQL injection risk by default only available to teachers and managers...

CVSS: 8.8 | AI score: 6.5 | EPSS: 0.01195
Exploits: 0 | References: 2

Cvelist
added 2025/09/01 7:32 a.m. | 7 views

CVE-2025-9768 itsourcecode Sports Management System mode.php sql injection

A vulnerability was identified in itsourcecode Sports Management System 1.0. This impacts an unknown function of the file /Admin/mode.php. The manipulation of the argument code leads to sql injection. The attack is possible to be carried out remotely...

CVSS: 6.5 | EPSS: 0.00403
Exploits: 1 | References: 5

NVD
added 2025/09/01 6:15 a.m. | 4 views

CVE-2025-9764

A flaw has been found in itsourcecode Sports Management System 1.0. Impacted is an unknown function of the file /Admin/resultdetails.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

CVSS: 9.8 | EPSS: 0.00387
Exploits: 1 | References: 5

CVE
added 2025/09/01 6:2 a.m. | 13 views

CVE-2025-9765

CVE-2025-9765 affects the itsourcecode Sports Management System 1.0. Multiple connected sources confirm a SQL injection in the /Admin/tournament_details.php file, triggered by manipulating the ID parameter due to lack of input validation. Exploitation can be remote, and public disclosure is noted...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.00387
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2025/09/01 5:15 a.m. | 7 views

CVE-2025-9763

A vulnerability was detected in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /studentsignup.php. The manipulation of the argument Username results in sql injection. The attack can be launched remotely. The exploit is now public and may be...

CVSS: 9.8 | EPSS: 0.00387
Exploits: 1 | References: 5

CNNVD
added 2025/09/01 12:0 a.m. | 4 views

CampCodes Online Learning Management System Security Vulnerability

CampCodes Online Learning Management System is an online learning management system from CampCodes Philippines, Inc. A security vulnerability exists in CampCodes Online Learning Management System version 1.0, which is caused by a SQL injection due to incorrect manipulation of the parameter Userna...

CVSS: 9.8 | AI score: 7.7 | EPSS: 0.00387
Exploits: 1 | References: 7

CNNVD
added 2025/09/01 12:0 a.m. | 3 views

itsourcecode Sports Management System Security Vulnerability

Sports Management System is a sports management system. The Sports Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter code in the file /Admin/facilitator.php. An attacker can exploit this vulnerabili...

CVSS: 9.8 | AI score: 7.9 | EPSS: 0.0055
Exploits: 1 | References: 7