
2788 matches found

CNNVD
added 2025/09/01 12:0 a.m., 3 views

itsourcecode Sports Management System Security Vulnerability

Sports Management System is a sports management system. The Sports Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter code in the file /Admin/facilitator.php. An attacker can exploit this vulnerabili...

9.8 CVSS, 7.9 AI score, 0.0055 EPSS
Exploits: 1, References: 7
RedhatCVE
added 2025/08/31 5:14 p.m., 4 views

CVE-2025-9664

A security flaw has been discovered in code-projects Simple Grading System 1.0. Affected is an unknown function of the file /addstudentgrade.php of the component Admin Panel. The manipulation of the argument Add results in sql injection. It is possible to launch the attack remotely. The exploit h...

8.8 CVSS, 7.3 AI score, 0.00437 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2025/08/31 12:4 a.m., 5 views

CVE-2025-44033

SQL injection vulnerability in oasystem oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirector method declaration in src/main/java/cn/gson/oasys/mappers/AddressMapper.java...

9.8 CVSS, 8.8 AI score, 0.00591 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2025/08/30 6:19 p.m., 6 views

CVE-2025-9418

A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /owner/addowner.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

9.8 CVSS, 7.3 AI score, 0.00505 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2025/08/30 6:19 p.m., 5 views

CVE-2025-9504

A vulnerability was detected in Campcodes Online Loan Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=saveplan. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now publ...

9.8 CVSS, 7.4 AI score, 0.00387 EPSS
Exploits: 1, References: 1
OSV
added 2025/08/30 2:15 p.m., 1 views

CVE-2025-9691

A vulnerability has been found in Campcodes Online Shopping System 1.0. This impacts an unknown function of the file /login.php. Such manipulation of the argument Password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

9.8 CVSS, 5.8 AI score, 0.00379 EPSS
Exploits: 1, References: 6
Positive Technologies
added 2025/08/30 12:0 a.m., 4 views

PT-2025-35381

Name of the Vulnerable Software and Affected Versions: SourceCodester Water Billing System version 1.0 Description: A SQL injection weakness exists in the /paybill.php file due to manipulation of the ID argument. Remote exploitation is possible. The exploit has been made publicly available...

7.5 CVSS, 7.4 AI score, 0.00383 EPSS
Exploits: 1, References: 10
NVD
added 2025/08/29 10:15 p.m., 4 views

CVE-2025-9678

A weakness has been identified in Campcodes Online Loan Management System 1.0. The impacted element is an unknown function of the file /ajax.php?action=deleteborrower. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8 CVSS, 0.00387 EPSS
Exploits: 1, References: 5
NVD
added 2025/08/29 6:15 p.m., 4 views

CVE-2025-29894

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 2025/04/23...

8.8 CVSS, 0.00427 EPSS
Exploits: 0, References: 1
CVE
added 2025/08/29 5:32 p.m., 18 views

CVE-2025-9665

The CVE covers code-projects Simple Grading System 1.0, where the Admin Panel’s /edit_student.php contains a vulnerability in the ID parameter that allows SQL injection. This is exploitable remotely, with public exploit material available. Affected component is the Admin Panel through an unknown ...

8.8 CVSS, 6.6 AI score, 0.00351 EPSS
Exploits: 1, References: 5, Affected Software: 1
Cvelist
added 2025/08/29 4:32 p.m., 8 views

CVE-2025-9662 code-projects Simple Grading System Admin Panel login.php sql injection

A vulnerability was determined in code-projects Simple Grading System 1.0. This affects an unknown function of the file /login.php of the component Admin Panel. Executing manipulation can lead to sql injection. The attack may be performed from a remote location. The exploit has been publicly...

7.5 CVSS, 0.0055 EPSS
Exploits: 1, References: 5
Cvelist
added 2025/08/29 12:32 p.m., 9 views

CVE-2025-9645 itsourcecode Apartment Management System r_all_info.php sql injection

A vulnerability was identified in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /tdashboard/rallinfo.php. The manipulation of the argument mid leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used...

7.5 CVSS, 0.00384 EPSS
Exploits: 1, References: 5
CNVD
added 2025/08/29 12:0 a.m., 4 views

CGM CLININET SQL Injection Vulnerability (CNVD-2025-19811)

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the UserID parameter of the OpenReportWindow.pl file. An attacker can exploit this...

9.4 CVSS, 8 AI score, 0.00231 EPSS
Exploits: 0, References: 1
CNNVD
added 2025/08/29 12:0 a.m., 3 views

Jinher OA Security Vulnerability

Jinher OA is a collaborative management software from Jinher, China. A security vulnerability exists in Jinher OA version 1.0, which originates from improper manipulation of the parameter ID in the file GetTreeDate.aspx, which may lead to an SQL injection attack...

9.8 CVSS, 7.7 AI score, 0.00387 EPSS
Exploits: 1, References: 6
CNNVD
added 2025/08/29 12:0 a.m., 3 views

Portábilis i-Educar Security Vulnerability

Portábilis i-Educar is an application from Portábilis. It can easily help you in basic and technical education. A security vulnerability exists in Portábilis i-Educar version 2.10 and earlier, which stems from a SQL injection attack due to the incorrect operation of the parameter codagenda in the...

8.8 CVSS, 6.9 AI score, 0.00306 EPSS
Exploits: 1, References: 6
Positive Technologies
added 2025/08/29 12:0 a.m., 4 views

PT-2025-35175

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions prior to 2.11 Description: A SQL injection issue exists in an unknown functionality of the file /intranet/agenda preferencias.php. Manipulation of the cod agenda argument can trigger the issue. The attack can be...

8.8 CVSS, 6.6 AI score, 0.00306 EPSS
Exploits: 1, References: 9
Cvelist
added 2025/08/28 11:32 p.m., 9 views

CVE-2025-9596 itsourcecode Sports Management System login.php sql injection

A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /login.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be...

7.5 CVSS, 0.00387 EPSS
Exploits: 1, References: 5
Cvelist
added 2025/08/28 10:2 p.m., 8 views

CVE-2025-9592 itsourcecode Apartment Management System bill_info.php sql injection

A vulnerability was detected in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/billinfo.php. Performing manipulation of the argument vid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public...

7.5 CVSS, 0.00465 EPSS
Exploits: 1, References: 5
Vulnrichment
added 2025/08/28 12:0 a.m., 3 views

CVE-2025-51972

A SQL Injection vulnerability exists in the login.php of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter...

8.3 AI score, 0.00227 EPSS
Exploits: 1, References: 1
CNNVD
added 2025/08/28 12:0 a.m., 4 views

PuneethReddyHc Online Shopping System Advanced Security Vulnerability

PuneethReddyHc Online Shopping System Advanced is an open source online shopping system by the individual developers of Puneeth Reddy HC in India. A security vulnerability exists in PuneethReddyHC Online Shopping System Advanced version 1.0, which stems from the keyword parameter not being cleane...

6.5 CVSS, 7.7 AI score, 0.00227 EPSS
Exploits: 1, References: 2