Code-Projects Modern Bag 注入漏洞

Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter idCate in file /admin/category-list.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...

Advantech iView SQL注入漏洞

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. An SQL injection vulnerability exists in the Advantech iView CUtils.checkSQLInjection function, which can be exploited by an attacker to cause an information disclosure or...

CRYPTTECH CryptoLog 安全漏洞

CRYPTTECH CryptoLog is a log management system from the Turkish company CRYPTTECH. A security vulnerability exists in CRYPTTECH CryptoLog that stems from SQL Injection and Command Injection issues that could lead to remote code execution...

CVE-2025-7185

A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

CVE-2025-7155

A vulnerability, which was classified as critical, was found in PHPGurukul Online Notes Sharing System 1.0. This affects an unknown part of the file /Dashboard of the component Cookie Handler. The manipulation of the argument sessionid leads to sql injection. It is possible to initiate the attack...

Code-Projects Chat System 注入漏洞

Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ID in the file /user/fetchmember.php. An attacker can exploit this vulnerability to execute illegal SQL commands to ste...

CampCodes Complaint Management System 注入漏洞

CampCodes Complaint Management System is a complaint management system from CampCodes Philippines. An injection vulnerability exists in CampCodes Complaint Management System version 1.0, which stems from improper handling of the parameter Username in the file /admin/index.php, which could lead to...

Inventory Management System removeUser.php File SQL Injection Vulnerability

Inventory Management System is an inventory management system. Inventory Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the userid parameter in the file /phpaction/removeUser.php for externally entered SQL statements. An attacker can...

Staff Audit System /search_index.php File SQL Injection Vulnerability

Staff Audit System is an employee audit system. Staff Audit System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /searchindex.php. An attacker can exploit this vulnerability to execut...

CVE-2025-6937

A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /large.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...

CampCodes Employee Management System 注入漏洞

CampCodes Employee Management System is an employee management system from CampCodes Philippines. An injection vulnerability exists in CampCodes Employee Management System version 1.0, which is caused by an incorrect manipulation of the mailuid parameter in the file /process/aprocess.php, resulti...

CVE-2025-6907

A vulnerability classified as critical was found in code-projects Car Rental System 1.0. This vulnerability affects unknown code of the file /bookcar.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

Campcodes Sales and Inventory System 安全漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. A security vulnerability exists in Campcodes Sales and Inventory System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter cid in the file /pages/paymentadd.php...

PHPGurukul Zoo Management System 注入漏洞

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /admin/manage-foreigners-ticket.php. An attacker can exploit this vulnerabili...

SourceCodester Best Salon Management System 注入漏洞

SourceCodester Best Salon Management System is a SourceCodester open source salon management system. SourceCodester Best Salon Management System version 1.0 has an injection vulnerability, the vulnerability stems from the wrong operation of the parameter Name in the file /panel/add-tax.php,...

Code-Projects Inventory Management System 注入漏洞

Inventory Management System is an inventory management system. Inventory Management System has a SQL injection vulnerability that stems from improper handling of the editProductName parameter in the /phpaction/editProduct.php file. No details of the vulnerability are available at this time...

Simple Pizza Ordering System addmem.php File SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the file /addmem.php. An attacker can exploit this vulnerability to execute illegal...

Simple Pizza Ordering System cashconfirm.php File SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter transactioncode in the file /cashconfirm.php. The vulnerability can ...

Online Bidding System bidlog.php File SQL Injection Vulnerability

Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID in the file /bidlog.php. An attacker can exploit this vulnerability to execute...

Eron Wowwo CRM SQL注入漏洞

Eron Wowwo CRM is a customer relationship management software from Eron Turkey. Eron Wowwo CRM suffers from a SQL injection vulnerability that stems from improper neutralization of special elements in SQL commands, which could lead to blind SQL injection...