(0Day) Ivanti Endpoint Manager MP_VistaReport SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the MPVistaReport class. The issue results from the lack of proper validation of a...

(0Day) Ivanti Endpoint Manager MP_QueryDetail2 SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the MPQueryDetail2 class. The issue results from the lack of proper validation of a...

(0Day) Ivanti Endpoint Manager PatchHistory SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the PatchHistory class. The issue results from the lack of proper validation of a...

SourceCodester Hotel and Lodge Management System 安全漏洞

SourceCodester Hotel and Lodge Management System is SourceCodester open source hotel and lodge management system. A security vulnerability exists in SourceCodester Hotel and Lodge Management System version 1.0, which stems from an incorrect manipulation of the parameter email in the file login.ph...

(0Day) Ivanti Endpoint Manager Report_Run SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the ReportRun class. The issue results from the lack of proper validation of a...

CVE-2025-11334

A security flaw has been discovered in Campcodes Online Apartment Visitor Management System 1.0. Affected is an unknown function of the file /visitor-detail.php. The manipulation of the argument editid results in sql injection. The attack can be executed remotely. The exploit has been released to...

CVE-2025-11315

Tipray Data Leakage Prevention System 1.0 is affected. The vulnerability is in the findUserPage.do file, specifically the findUserPage function, where manipulation of the sort argument enables SQL injection. It is remotely exploitable and the exploit has been made public. The vendor was contacted...

EUVD-2025-32482

A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been published and may...

CVE-2025-11313 Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 findRolePage.do findRolePage sql injection

A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been published and may...

Code-Projects Online Course Registration SQL注入漏洞

Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /admin/manage-students.php. An attacker can...

CampCodes Online Apartment Visitor Management SQL注入漏洞

CampCodes Online Apartment Visitor Management is an online apartment visitor management system from CampCodes Philippines. A SQL injection vulnerability exists in CampCodes Online Apartment Visitor Management version 1.0, which stems from an incorrect manipulation of the parameter editid in the...

PT-2025-40838

Name of the Vulnerable Software and Affected Versions Tipray Data Leakage Prevention System version 1.0 Description A flaw exists in Tipray Data Leakage Prevention System that allows for SQL injection. The issue is located in the findRolePage.do file and specifically affects the findRolePage...

PT-2025-40935

Name of the Vulnerable Software and Affected Versions code-projects Online Course Registration version 1.0 Description A flaw exists in code-projects Online Course Registration 1.0 that allows for SQL injection. The issue is located in the file /admin/edit-course.php and involves manipulation of...

CVE-2025-11309

Tipray Data Leakage Prevention System 1.0 is affected. The vulnerability lies in the doFilter function of findDeptPage.do, where manipulation of the sort parameter enables SQL injection. It can be exploited remotely, with public exploit availability noted by multiple sources. Impact includes high...

WordPress WP Dispatcher plugin <= 1.2.0 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by theviper17y in WordPress Plugin WP Dispatcher versions = 1.2.0...

EUVD-2025-29231

Malicious code in bioql PyPI...

EUVD-2025-31465

Malicious code in bioql PyPI...

EUVD-2025-29921

Malicious code in bioql PyPI...

EUVD-2025-26247

Malicious code in bioql PyPI...

EUVD-2025-24091

Malicious code in bioql PyPI...