PuneethReddyHc Online Shopping System Advanced 安全漏洞

PuneethReddyHc Online Shopping System Advanced is an open source online shopping system by the individual developers of Puneeth Reddy HC in India. A security vulnerability exists in PuneethReddyHC Online Shopping System Advanced version 1.0, which stems from the keyword parameter not being cleane...

CVE-2025-30060 SQL injection in ReturnUserUnitsXML.pl via the UserID parameter

In the ReturnUserUnitsXML.pl service, the "getUserInfo" function is vulnerable to SQL injection through the "UserID" parameter...

CVE-2025-30058

Technical details for CVE-2025-30058 are not publicly provided in the supplied documents. Monitor for updates from official advisories; current sources only reference a SQL injection via pesel in PatientService.pl.

CVE-2025-9511

CVE-2025-9511 affects itsourcecode Apartment Management System 1.0, specifically the /visitor/addvisitor.php file. The root cause is manipulation of the ID parameter that enables SQL injection, with remote exploitability and a publicly available exploit. Several connected sources confirm the vuln...

CVE-2025-9507

A weakness has been identified in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/visitorinfo.php. Executing manipulation of the argument vid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to th...

CVE-2025-9504

A vulnerability was detected in Campcodes Online Loan Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=saveplan. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now publ...

Campcodes Online Loan Management System 安全漏洞

CampCodes Online Loan Management System is an online loan management system from CampCodes Philippines, Inc. A security vulnerability exists in Campcodes Online Loan Management System version 1.0, which is caused by a SQL injection due to incorrect manipulation of the parameter loanid in...

PT-2025-34853 · Unknown · Patientservice.Pl

Name of the Vulnerable Software and Affected Versions: PatientService.pl affected versions not specified Description: The getPatientIdentifier function within the PatientService.pl service is susceptible to SQL injection due to improper handling of the pesel parameter. Recommendations: As a...

PT-2025-34823

Name of the Vulnerable Software and Affected Versions: Campcodes Online Loan Management System version 1.0 Description: A security issue has been identified in Campcodes Online Loan Management System 1.0. The manipulation of the lastname argument in an unknown function of the file...

CVE-2025-9470

CVE-2025-9470 affects itsourcecode Apartment Management System 1.0. The vulnerability lies in /management/add_m_committee.php where manipulation of the ID parameter enables SQL injection, potentially exploitable remotely. The exploit has been published and multiple sources describe a SQL‑injectio...

PT-2025-34738

Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A SQL injection issue exists in the /maintenance/add maintenance cost.php file due to the manipulation of the ID argument. Remote exploitation is possible. The exploit has been...

SourceCodester Online Bank Management System 安全漏洞

SourceCodester Online Bank Management System is a SourceCodester open source online bank management system. A security vulnerability exists in SourceCodester Online Bank Management System version 1.0, which is caused by a SQL injection attack due to incorrect manipulation of the parameter msg in...

itsourcecode Apartment Management System 安全漏洞

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements for parameter ID in file /maintenance/addmaintenancecost.php. An attacker can exploit thi...

CVE-2025-9426 itsourcecode Online Tour and Travel Management System package.php sql injection

A weakness has been identified in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /package.php. Executing manipulation of the argument subcatid can lead to sql injection. The attack may be performed from a remote location. The exploit has been...

CVE-2025-9419 itsourcecode Apartment Management System addunit.php sql injection

A vulnerability was detected in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /unit/addunit.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit is now public and may be...

CVE-2025-9418 itsourcecode Apartment Management System addowner.php sql injection

A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /owner/addowner.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2025-56214

The CVE-2025-56214 entry concerns phpgurukul Hospital Management System 4.0, which is vulnerable to SQL Injection in index.php via the username parameter. The vulnerability stems from unsafely handling user input in a PHP/MySQL context, enabling potentially arbitrary SQL execution with a base CVS...

CVE-2025-55575

SQL Injection vulnerability in SMM Panel 3.1 allowing remote attackers to gain sensitive information via a crafted HTTP request with action=servicedetail...

CampCodes Online Water Billing System 安全漏洞

CampCodes Online Water Billing System is an online water billing system from CampCodes Philippines. A security vulnerability exists in CampCodes Online Water Billing System version 1.0, which is caused by a SQL injection due to incorrect manipulation of the parameter ID in the file /editecex.php...

PT-2025-34716 · Campcodes · Campcodes Online Water Billing System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Water Billing System version 1.0 Description: A SQL injection issue exists in Campcodes Online Water Billing System 1.0 due to manipulation of the ID argument in the /editecex.php file. This allows for remote exploitation. Th...