
2790 matches found

CNNVD
added 2025/06/27 12:0 a.m., views: 1

hosporder Injection Vulnerability

hosporder is a hospital appointment registration system by the individual developer Xiaohao.Shi in China. There is an injection vulnerability in hosporder, which originates from a SQL injection due to the incorrect operation of the parameter hospitalName in the file DoctorServiceImpl.java...

CVSS 6.5, AI score 6.9, EPSS 0.00231
Exploits: 0, References: 4
CNVD
added 2025/06/27 12:0 a.m., views: 2

Art Gallery Management System forgot-password.php File SQL Injection Vulnerability

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter email in the file /admin/forgot-password.php. An attacker c...

CVSS 9.8, AI score 8.3, EPSS 0.00448
Exploits: 1, References: 1
CNVD
added 2025/06/27 12:0 a.m., views: 3

Hostel Management System /contact_manager.php File SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter studentrollno in the file /contactmanager.php. An attacker can use this...

CVSS 9.8, AI score 8.3, EPSS 0.00415
Exploits: 1, References: 1
OSV
added 2025/06/26 8:15 p.m., views: 3

CVE-2025-53122

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in OpenNMS Horizon and Meridian applications allows SQL Injection. Users should upgrade to Meridian 2024.2.6 or newer, or Horizon 33.16 or newer. Meridian and Horizon installation instructions state...

CVSS 6.9, AI score 5.8, EPSS 0.00208
Exploits: 0, References: 2
CNNVD
added 2025/06/24 12:0 a.m., views: 4

novel-plus Security Vulnerability

novel-plus is a novel reading software by xxy individual developer. A security vulnerability exists in novel-plus 5.1.3 and earlier versions, which stems from the mishandling of the parameter sort/order in the user management module, which may lead to an SQL injection attack...

CVSS 8.8, AI score 6.8, EPSS 0.00379
Exploits: 1, References: 6
CNVD
added 2025/06/23 12:0 a.m., views: 1

SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Shenzhou Vision Han Technology Co., Ltd (CNVD-2025-17836)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

AI score 7.6
Exploits: 0
OSV
added 2025/06/22 4:15 a.m., views: 4

CVE-2025-6456

A vulnerability, which was classified as critical, has been found in code-projects Online Hotel Reservation System 1.0. Affected by this issue is some unknown functionality of the file /reservation/order.php. The manipulation of the argument Start leads to sql injection. The attack may be launche...

CVSS 9.8, AI score 5.7, EPSS 0.00394
Exploits: 1, References: 5
OSV
added 2025/06/22 2:15 a.m., views: 5

CVE-2025-6451

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/deletepending.php. The manipulation of the argument transactionid leads to sql injection. The attack can be initiated...

CVSS 9.8, AI score 5.7, EPSS 0.00394
Exploits: 1, References: 5
CNNVD
added 2025/06/22 12:0 a.m., views: 4

Code-Projects Simple Pizza Ordering System Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter textfield in the file /addcatexec.php. An attacker can exploit...

CVSS 9.8, AI score 8.2, EPSS 0.00394
Exploits: 1, References: 6
OSV
added 2025/06/20 8:15 a.m., views: 7

CVE-2025-6317

A vulnerability classified as critical has been found in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/confirm.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVSS 9.8, AI score 5.8, EPSS 0.00394
Exploits: 1, References: 5
CNNVD
added 2025/06/20 12:0 a.m., views: 3

Code-Projects Simple Pizza Ordering System Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the file /addmem.php. An attacker can exploit this vulnerability to execute illegal...

CVSS 9.8, AI score 8.1, EPSS 0.00399
Exploits: 1, References: 5
CNNVD
added 2025/06/20 12:0 a.m., views: 2

Hospital Management System Injection Vulnerability

Hospital Management System is a hospital management software by Pon Aravind Boominathan, an individual developer. An injection vulnerability exists in Hospital Management System version 1.0, which results from SQL injection due to incorrect manipulation of parameter username1 in file /func3.php...

CVSS 9.8, AI score 7.7, EPSS 0.00454
Exploits: 1, References: 4
CNNVD
added 2025/06/19 12:0 a.m., views: 4

WeGIA SQL Injection Vulnerability

WeGIA is a web manager for welfare organizations. WeGIA suffers from an SQL injection vulnerability that can be exploited by an attacker to view, add, modify, or delete information in the back-end database...

CVSS 9.8, AI score 7.7, EPSS 0.00408
Exploits: 1, References: 2
CNNVD
added 2025/06/19 12:0 a.m., views: 4

Brilliance Golden Link Secondary System Injection Vulnerability

Brilliance Golden Link Secondary System is a management system from Brilliance, China. An injection vulnerability exists in Brilliance Golden Link Secondary System 20250609 and prior versions, which originates from improper manipulation of the parameter custTradeName in the file...

CVSS 9.8, AI score 6.8, EPSS 0.0039
Exploits: 1, References: 5
OSV
added 2025/06/17 3:15 p.m., views: 2

CVE-2025-48274

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpjobportal WP Job Portal allows Blind SQL Injection. This issue affects WP Job Portal: from n/a through 2.3.2...

CVSS 7.5, AI score 5.8, EPSS 0.00292
Exploits: 0, References: 1
CNVD
added 2025/06/17 12:0 a.m., views: 3

School Fees Payment System datatable.php File SQL Injection Vulnerability

School Fees Payment System is a tuition payment system. The School Fees Payment System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter sSortDir0 in the file /datatable.php. An attacker can exploit this...

CVSS 9.8, AI score 8.2, EPSS 0.00421
Exploits: 1, References: 1
CNNVD
added 2025/06/17 12:0 a.m., views: 2

WordPress plugin Rankie SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin...

CVSS 8.5, AI score 7.9, EPSS 0.00246
Exploits: 0, References: 3
CNNVD
added 2025/06/17 12:0 a.m., views: 4

PHPGurukul Nipah virus Testing Management System Injection Vulnerability

Nipah Virus Testing Management System is an online virus diagnostic platform. Nipah Virus Testing Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the testtype parameter of the /bwdates-report-ds.php fil...

CVSS 8.8, AI score 7, EPSS 0.00335
Exploits: 1, References: 7
CNNVD
added 2025/06/16 12:0 a.m., views: 3

Code-Projects Restaurant Order System Injection Vulnerability

Code-Projects Restaurant Order System is an open source restaurant order system from Code-Projects. An injection vulnerability exists in code-projects Restaurant Order System version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter ID in the file /table.php...

CVSS 8.8, AI score 6.9, EPSS 0.00342
Exploits: 1, References: 7
CNVD
added 2025/06/11 12:0 a.m., views: 3

Online Fire Reporting System /reporting.php File SQL Injection Vulnerability

Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter fullname in the file /reporting.php. The vulnerability c...

CVSS 9.8, AI score 8.3, EPSS 0.00387
Exploits: 1, References: 1