CVE-2025-15181

A security flaw has been discovered in code-projects Refugee Food Management System 1.0. The impacted element is an unknown function of the file /home/pagenateRefugeesList.php. Performing manipulation of the argument rfid results in sql injection. Remote exploitation of the attack is possible. Th...

CVE-2025-13417

The Plugin Organizer WordPress plugin before 10.2.4 does not sanitize and escape a parameter before using it in a SQL statement, allowing subscribers to perform SQL injection attacks...

CVE-2025-15211 code-projects Refugee Food Management System refugee.php sql injection

A flaw has been found in code-projects Refugee Food Management System 1.0. Impacted is an unknown function of the file /home/refugee.php. Executing manipulation of the argument refNo/Fname/Lname/sex/age/contact/nationalitynid can lead to sql injection. The attack can be executed remotely. The...

PT-2025-54200

Name of the Vulnerable Software and Affected Versions Appointify versions through 1.0.8 Description A flaw exists in Appointify that allows for Blind SQL Injection due to improper neutralization of special elements used in SQL commands. This could potentially allow an attacker to manipulate...

PT-2025-53829

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A flaw exists in Refugee Food Management System 1.0 that allows for SQL injection. Manipulation of the arguments refNo, Fname, Lname, sex, age, contact, and nationality nid can lead to a...

EUVD-2025-205539

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown function of the file /updatesupplier.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be...

PT-2025-53804

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A weakness exists in Refugee Food Management System 1.0. The issue is related to the manipulation of the argument a/b/c/d in the file '/home/editfood.php', which can lead to SQL injection...

PT-2025-53687

Name of the Vulnerable Software and Affected Versions BiggiDroid Simple PHP CMS version 1.0 Description A weakness exists in BiggiDroid Simple PHP CMS 1.0. The issue is related to some unknown functionality within the /admin/editsite.php file. Manipulation of the ID parameter can lead to SQL...

itsourcecode Online Cake Ordering System SQL注入漏洞

itsourcecode Online Cake Ordering System is an online cake ordering system of itsourcecode open source . A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Cake Ordering System, which stems from incorrect manipulation of the parameter ID in the file...

PT-2025-53712

Name of the Vulnerable Software and Affected Versions code-projects Refugee Food Management System version 1.0 Description A flaw exists in code-projects Refugee Food Management System 1.0, specifically within an unknown functionality of the /home/refugeesreport.php file. Manipulation of the a...

SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Shenzhou Vision Han Technology Co., Ltd (CNVD-C-2025-1206330)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

CampCodes Supplier Management System SQL注入漏洞

CampCodes Supplier Management System is a supplier management system from CampCodes, Inc. A SQL injection vulnerability exists in CampCodes Supplier Management System version 1.0, which stems from an incorrect manipulation of the parameter chkId in the file /admin/viewproducts.php, which could le...

PT-2025-53710

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A security issue exists in code-projects Refugee Food Management System 1.0. The manipulation of the tfid argument in the file '/home/viewtakenfd.php' leads to a SQL injection. The attack...

PT-2025-53685

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A SQL injection issue exists in itsourcecode Student Management System 1.0. Manipulation of the ID argument in the /statistical.php file can lead to SQL injection. The attack can b...

CVE-2025-15088 ketr JEPaaS loadPostil postilService.loadPostils sql injection

A vulnerability was detected in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is the function postilService.loadPostils of the file /je/postil/postil/loadPostil. Performing a manipulation of the argument keyWord results in sql injection. Remote exploitation of the attack is possible. Th...

CVE-2025-68496

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through = 1.10.0...

EUVD-2025-205359

A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contactus.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and...

Prison Management System search.php File SQL Injection Vulnerability

Prison Management System is a prison management system. Prison Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter keyname in the file /admin/search.php. An attacker can exploit this...

CVE-2025-15049

A vulnerability was identified in code-projects Online Farm System 1.0. Affected is an unknown function of the file /addProduct.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

CVE-2024-39037

MyNET up to v26.08.316 was discovered to contain an Unauthenticated SQL Injection vulnerability via the intmenu parameter...