CVE-2025-3427

The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'infilltext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

WordPress plugin Team Circle Image Slider With Lightbox SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVE-2025-3334

A vulnerability was found in codeprojects Online Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/categorysave.php. The manipulation of the argument Category leads to sql injection. The attack may be launched...

CVE-2025-3333

A vulnerability has been found in codeprojects Online Restaurant Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/menuupdate.php. The manipulation of the argument menu leads to sql injection. The attack can be launched...

Apartment Visitor Management System 注入漏洞

Apartment Visitor Management System is an Apartment Visitor Management System by Carlo Montero Personal Developer. An injection vulnerability exists in Apartment Visitor Management System version 1.0, which stems from an incorrect manipulation of the parameter secode that can lead to SQL injectio...

CVE-2025-3239

A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. Affected by this vulnerability is an unknown functionality of the file /admin/edit-guard-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely...

CVE-2025-3206

A vulnerability has been found in code-projects Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. The attack can be initiated...

WordPress plugin Silvasoft boekhouden SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Silvasoft...

PHPGurukul e-Diary Management System 注入漏洞

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from a missing validation of an externally typed SQL statement in the emailid parameter of the registration.php file. An attacker can...

CVE-2025-3180

A vulnerability classified as critical was found in projectworlds Online Doctor Appointment Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /doctor/deleteschedule.php. The manipulation of the argument ID leads to sql injection. The attack can be launched...

Apartment Visitor Management System 注入漏洞

Apartment Visitor Management System is an Apartment Visitor Management System by Carlo Montero Personal Developer. An injection vulnerability exists in Apartment Visitor Management System version 1.0, which stems from an incorrect operation of the parameter buildingno that can lead to SQL injecti...

Project Worlds Online Doctor Appointment Booking System 安全漏洞

Project Worlds Online Doctor Appointment Booking System is an online doctor appointment booking system from Project Worlds, Inc. A security vulnerability exists in Project Worlds Online Doctor Appointment Booking System version 1.0, which stems from an incorrect operation of the parameter...

WordPress plugin Salesmate Add-On for Gravity Forms SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress...

WordPress plugin Advanced WooCommerce Product Sales Reporting SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

PiExtract SOOP-CLM SQL注入漏洞

PiExtract SOOP-CLM is a cost-effective enterprise-level centralized log management solution from China Xinyan PiExtract. A SQL injection vulnerability exists in PiExtract SOOP-CLM versions v5.1.0 through v5.3.0, which stems from an SQL injection that could result in reading, modifying, and deleti...

PHPGurukul Old Age Home Management System 注入漏洞

PHPGurukul Old Age Home Management System is a nursing home management system from PHPGurukul. An injection vulnerability exists in PHPGurukul Old Age Home Management System version 1.0, which originates from an SQL injection in the /admin/add-services.php file, and may be attacked remotely...

WordPress Automation By Autonami plugin <= 3.5.1 - Unauthenticated SQL Injection via 'automationId' vulnerability

Unauthenticated SQL Injection via 'automationId' vulnerability discovered by mikemyers in WordPress Plugin FunnelKit Automations versions = 3.5.1...

CVE-2025-2663

A vulnerability has been found in PHPGurukul Bank Locker Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /search-locker-details.php. The manipulation of the argument searchinput leads to sql injection. The attack can be...

SourceCodester AC Repair and Services System 注入漏洞

SourceCodester AC Repair and Services System is a SourceCodester open source air conditioning repair and services system. An injection vulnerability exists in SourceCodester AC Repair and Services System version 1.0, which stems from the fact that incorrect manipulation of a parameter ID can lead...

PHPGurukul Doctor Appointment Management System 注入漏洞

Doctor Appointment Management System is a doctor appointment management system. Doctor Appointment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter searchdata of /check-appointment.php. A...