CVE-2025-2608

A vulnerability classified as critical has been found in PHPGurukul Banquet Booking System 1.2. This affects an unknown part of the file /admin/view-user-queries.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...

CVE-2025-2384

A vulnerability, which was classified as critical, was found in code-projects Real Estate Property Management System 1.0. This affects an unknown part of the file /InsertCustomer.php of the component Parameter Handler. The manipulation of the argument...

CVE-2025-2372

A vulnerability classified as critical has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This affects an unknown part of the file /password-recovery.php of the component Password Recovery Page. The manipulation of the argument username leads to sql injection. It is...

AT Software Solutions ATSVD 注入漏洞

AT Software Solutions ATSVD is an application from the Brazilian company AT Software Solutions. An injection vulnerability exists in AT Software Solutions ATSVD version 3.4.1 and earlier, which stems from an incorrect manipulation of the parameter txtCPF that can lead to SQL injection...

Projectworlds Life Insurance Management System 注入漏洞

Projectworlds Life Insurance Management System is a life insurance management system from Projectworlds India. An injection vulnerability exists in Projectworlds Life Insurance Management System version 1.0, which stems from improper manipulation of the reciptno parameter and can lead to SQL...

Boceksoft Informatics E-Travel SQL注入漏洞

Boceksoft Informatics E-Travel is an application from Boceksoft. A SQL injection vulnerability exists in Boceksoft Informatics E-Travel versions prior to 15.12.2024, which stems from the presence of SQL injection...

PHPGurukul Human Metapneumovirus Testing Management System 注入漏洞

Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. Human Metapneumovirus Testing Management System is vulnerable to a SQL injection vulnerability that affects the username parameter in the /login.php file. No details of the vulnerability are...

Wind Media E-Commerce Website Template SQL注入漏洞

Wind Media E-Commerce Website Template is an e-commerce template from Wind Media, Inc. A SQL injection vulnerability exists in Wind Media E-Commerce Website Template versions prior to v1.5, which stems from susceptibility to SQL injection attacks...

Codezips Online Shopping Website 安全漏洞

Codezips Online Shopping Website is a Codezips open source online store system. A security vulnerability exists in Codezips Online Shopping Website version 1.0, which stems from an incorrect manipulation of the parameter id that can lead to SQL injection...

PHPGurukul News Portal 注入漏洞

News Portal is a news portal. News Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the login.php file. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive database data...

WordPress Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop plugin <= 1.7.6 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Bitcoin / AltCoin Payment Gateway for WooCommerce versions = 1.7.6...

Loggrove 安全漏洞

Loggrove is a web platform service by olajowon individual developer. A security vulnerability exists in Loggrove v1.0, which stems from an SQL injection in the read.py file...

Yukseloglu Filter B2B Login Platform SQL注入漏洞

Yukseloglu Filter B2B Login Platform is a B2B login platform from Yukseloglu Filter, Inc. A SQL injection vulnerability exists in Yukseloglu Filter B2B Login Platform versions prior to 16.01.2025, which stems from improper neutralization of special elements...

CVE-2025-22210

A SQL injection vulnerability in the Hikashop component versions 3.3.0-5.1.4 for Joomla allows authenticated attackers administrator to execute arbitrary SQL commands in the category management area in backend...

Benner ModernaNet 注入漏洞

Benner ModernaNet is a diagnostic center application from Benner. An injection vulnerability exists in Benner ModernaNet version 1.1.0 and prior versions, which stems from the /Home/JSCarregaCombo file containing an SQL injection issue...

PT-2025-7824

Name of the Vulnerable Software and Affected Versions Dell Secure Connect Gateway SCG Application and Appliance versions prior to 5.28 Description The issue is due to improper neutralization of special elements used in an SQL command, leading to a SQL injection vulnerability. This can be exploite...

SeaCMS 安全漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version 13.3, which stems from an SQL injection in the admincollectnews.php file...

PT-2025-7708 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.11.x through 9.11.7 Mattermost versions 10.2.x through 10.2.2 Mattermost versions 10.3.x through 10.3.2 Mattermost versions 10.4.x through 10.4.1 Description: The issue allows an attacker to retrieve data from the databa...

NovaCHRON Zeitsysteme Smart Time Plus 安全漏洞

NovaCHRON Zeitsysteme Smart Time Plus is a time only management program from NovaCHRON Zeitsysteme. A security vulnerability exists in NovaCHRON Zeitsysteme Smart Time Plus versions prior to v8.x through v8.6, which stems from a SQL injection vulnerability in the getCookieNames method...

PT-2025-7717 · Agito Computer · Health4All

Name of the Vulnerable Software and Affected Versions: Agito Computer Health4All versions prior to 10.01.2025 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...