2784 matches found
CVE-2026-2162
A vulnerability was determined in itsourcecode News Portal Project 1.0. This affects an unknown part of the file /admin/aboutus.php. This manipulation of the argument pagetitle causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...
CVE-2026-2162 itsourcecode News Portal Project aboutus.php sql injection
A vulnerability was determined in itsourcecode News Portal Project 1.0. This affects an unknown part of the file /admin/aboutus.php. This manipulation of the argument pagetitle causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...
CVE-2026-2132
A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/AdminUpdateCategory.php. The manipulation of the argument txtcat results in sql injection. The attack can be executed remotely. The exploit has bee...
News Portal Project SQL注入漏洞
News Portal Project is an open-source news portal project developed by Anuj Kumar as a personal project. Version 1.0 of News Portal Project has a SQL injection vulnerability, which arises from incorrect handling of the parameter pagetitle in the file admin/aboutus.php, potentially leading to SQL...
PHPGurukul Hospital Management System SQL注入漏洞
PHPGurukul Hospital Management System is a hospital management system developed by PHPGurukul company, based on PHP and MySQL. Version 4.0 of PHPGurukul Hospital Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameter IDs in the file...
PT-2026-7022
Name of the Vulnerable Software and Affected Versions itsourcecode School Management System version 1.0 Description A flaw exists in itsourcecode School Management System that allows for remote code execution. The issue is related to the manipulation of the ay argument in the file...
PT-2026-6992
Name of the Vulnerable Software and Affected Versions itsourcecode Directory Management System version 1.0 Description A flaw exists in itsourcecode Directory Management System that allows for remote code execution. The issue is located within the /admin/forget-password.php file. Specifically,...
CVE-2026-24417
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Time-Based Blind SQL Injection vulnerability in the global search functionality. The application fails to properly sanitize the term parameter before...
CVE-2026-2090 SourceCodester Online Class Record System search.php sql injection
A vulnerability was determined in SourceCodester Online Class Record System 1.0. This issue affects some unknown processing of the file /admin/message/search.php. Executing a manipulation of the argument term can lead to sql injection. The attack can be executed remotely. The exploit has been...
EUVD-2026-5759
A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/user/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclos...
PT-2026-6901
Name of the Vulnerable Software and Affected Versions code-projects Social Networking Site version 1.0 Description A security flaw exists in code-projects Social Networking Site 1.0. The issue is related to SQL injection in an unknown function within the /delete post.php file. Manipulating the ID...
CVE-2020-37154 eLection 2.0 - 'id' SQL Injection
eLection 2.0 contains an authenticated SQL injection vulnerability in the candidate management endpoint that allows attackers to manipulate database queries through the 'id' parameter. Attackers can leverage SQLMap to exploit the vulnerability, potentially gaining remote code execution by uploadi...
Bugbounty-Scanner-Suite
Bugbounty Scanner Suite Herramienta todo-en-uno para automati...
CVE-2025-69214 OpenSTAManager has a SQL Injection in ajax_select.php (componenti endpoint)
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an SQL Injection vulnerability exists in the ajaxselect.php endpoint when handling the componenti operation. An authenticated attacker can inject malicious SQL code through the...
CVE-2026-2060
Summary: CVE-2026-2060 affects code-projects’ Simple Blood Donor Management System 1.0. The vulnerability is in the file /simpleblooddonor/editcampaignform.php, where manipulating the ID parameter results in an SQL injection. The issue is exploitable remotely and the exploit has been publicly dis...
CVE-2019-25303 TheJshen contentManagementSystem 1.04 - 'id' SQL Injection
TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to extract or manipulate database information...
OESA-2026-1309 python-django security update
A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django versions before 6.0.2, before 5.2.11, and before 4.2.28. The django.contrib.auth.handlers.modwsgi.checkpassword function for authentication via modwsg...
CVE-2026-21643
An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests...
EUVD-2025-206820
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Martcode Software Inc. Delta Course Automation allows SQL Injection.This issue affects Delta Course Automation: through 04022026. NOTE: The vendor was contacted early about this disclosure but did...
Ofensive-security-Portfolio
This repository contains my Offensive Cyber Security / Penetrati...