CVE-2025-7933

A vulnerability classified as critical was found in Campcodes Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /pages/settingsupdate.php of the component Setting Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated...

Mobile Shop login.php file SQL Injection Vulnerability

Mobile Shop is a mobile store. Mobile Shop suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter email in the file /login.php. The vulnerability can be exploited by an attacker to execute illegal SQL commands to...

Voting System voters_row.php file SQL Injection Vulnerability

Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements for parameter ID in file /admin/votersrow.php. An attacker can exploit this vulnerability to execute illegal SQL commands ...

Crime Reporting System registration.php File SQL Injection Vulnerability

Crime Reporting System is a crime reporting system. Crime Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Name in the file /registration.php. An attacker can exploit this vulnerability to...

WeGIA SQL Injection Vulnerability (CNVD-2025-17285)

WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the /WeGIA/html/socio/sistema/processadeletarsocio.php endpoint. An attacker could exploit this vulnerability to...

Online Fire Reporting System assigned-requests.php File SQL Injection Vulnerability

Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter teamid in the file /admin/assigned-requests.php. An...

PHPGurukul Online Banquet Booking System 注入漏洞

Online Banquet Booking System is an online banquet booking system. Online Banquet Booking System is vulnerable to a SQL injection vulnerability that stems from the viewid parameter in the /admin/view-user-queries.php file not being security filtered. No details of the vulnerability are available ...

One Identity OneLogin SQL注入漏洞

One Identity OneLogin is an identity and access management software from US-based One Identity. An SQL injection vulnerability exists in One Identity OneLogin versions prior to 2025.2.0, which stems from an improperly set SQL connection application name that could lead to information disclosure...

Joomcar Extensions Articles Calendar 注入漏洞

Joomcar Extensions Articles Calendar is a Joomla plugin from Joomcar Extensions. A SQL injection vulnerability exists in Joomcar Extensions Articles Calendar versions 1.0.0 through 1.0.1.0007, which stems from vulnerability to SQL injection attacks...

Joomcar Extensions Articles Good Search SQL注入漏洞

Joomcar Extensions Articles Good Search is a Joomla plugin from Joomcar Extensions, Inc. A SQL injection vulnerability exists in Joomcar Extensions Articles Good Search versions 1.0.0 through 1.2.4.0011, which stems from vulnerability to SQL injection attacks...

StudentManage 安全漏洞

StudentManage is a student management system by DayCloud Individual Developer in China. A security vulnerability exists in StudentManage version 1.0, which stems from improper handling of the component /admin/adminStudentUrl, which could lead to an SQL injection attack...

CVE-2025-7765

A vulnerability classified as critical was found in code-projects Online Appointment Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addmanagerclinic.php. The manipulation of the argument clinic leads to sql injection. The attack can be launched...

CVE-2025-25257

An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execu...

CVE-2025-51659

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMSProducts.php...

CVE-2025-7557

A vulnerability has been found in code-projects Voting System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/votersrow.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit h...

PHPGurukul Online Fire Reporting System 注入漏洞

Online Fire Reporting System is an online fire reporting system. Online Fire Reporting System has a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter teamid in the file /admin/workin-progress-requests.php. An attacker can...

SEMCMS 安全漏洞

SEMCMS is SEMCMS open source content management system CMS for foreign trade websites that supports multi-language. A security vulnerability exists in SEMCMS v5.0, which originates from SQL injection of ID parameter in SEMCMSProducts.php...

SEMCMS 安全漏洞

SEMCMS is SEMCMS open source content management system CMS for foreign trade websites that supports multi-language. A security vulnerability exists in SEMCMS v5.0, which originates from SQL injection of the pid parameter in SEMCMSInfocategories.php...

PHPGurukul Vehicle Parking Management System 安全漏洞

Vehicle Parking Management System is a parking management system. Vehicle Parking Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter del in the file /admin/manage-category.php. An attacker...

PHPGurukul Vehicle Parking Management System 注入漏洞

Vehicle Parking Management System is a parking management system. Vehicle Parking Management System suffers from a SQL injection vulnerability that stems from an error in the parameter email in the file /users/signup.php that lacks validation of externally entered SQL statements. An attacker can...