CVE-2025-15207

CVE-2025-15207 affects Campcodes Supplier Management System 1.0, specifically the file /admin/view_products.php where manipulating the parameter chkId[] enables a SQL injection. Multiple connected documents corroborate remote exploitation and public disclosure of the exploit. Root cause is unsafe...

CVE-2025-15183

A security vulnerability has been detected in code-projects Refugee Food Management System 1.0. This impacts an unknown function of the file /home/viewtakenfd.php. The manipulation of the argument tfid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...

EUVD-2025-205539

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown function of the file /updatesupplier.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be...

CVE-2025-15165

A vulnerability has been found in itsourcecode Online Cake Ordering System 1.0. The impacted element is an unknown function of the file /updatecustomer.php?action=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...

BiggiDroid Simple PHP CMS SQL注入漏洞

BiggiDroid Simple PHP CMS is a content management system from BiggiDroid open source. A SQL injection vulnerability exists in BiggiDroid Simple PHP CMS version 1.0, which stems from incorrect manipulation of the parameter ID in the file /admin/editsite.php, which can lead to SQL injection...

Code-Projects Refugee Food Management System SQL注入漏洞

Code-Projects Refugee Food Management System is an open source refugee food management system from Code-Projects. A SQL injection vulnerability exists in Code-Projects Refugee Food Management System version 1.0, which stems from incorrect manipulation of the parameter tfid in the file...

PT-2025-53712

Name of the Vulnerable Software and Affected Versions code-projects Refugee Food Management System version 1.0 Description A flaw exists in code-projects Refugee Food Management System 1.0, specifically within an unknown functionality of the /home/refugeesreport.php file. Manipulation of the a...

PT-2025-53804

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A weakness exists in Refugee Food Management System 1.0. The issue is related to the manipulation of the argument a/b/c/d in the file '/home/editfood.php', which can lead to SQL injection...

SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Shenzhou Vision Han Technology Co., Ltd (CNVD-C-2025-1206330)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

PT-2025-53687

Name of the Vulnerable Software and Affected Versions BiggiDroid Simple PHP CMS version 1.0 Description A weakness exists in BiggiDroid Simple PHP CMS 1.0. The issue is related to some unknown functionality within the /admin/editsite.php file. Manipulation of the ID parameter can lead to SQL...

itsourcecode Online Cake Ordering System SQL注入漏洞

itsourcecode Online Cake Ordering System is an online cake ordering system of itsourcecode open source . A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Cake Ordering System, which stems from incorrect manipulation of the parameter ID in the file...

CampCodes Supplier Management System SQL注入漏洞

CampCodes Supplier Management System is a supplier management system from CampCodes, Inc. A SQL injection vulnerability exists in CampCodes Supplier Management System version 1.0, which stems from an incorrect manipulation of the parameter chkId in the file /admin/viewproducts.php, which could le...

PT-2025-53756

Name of the Vulnerable Software and Affected Versions code-projects Assessment Management version 1.0 Description A flaw exists in code-projects Assessment Management 1.0, specifically within the file login.php. Manipulation of the userid argument can lead to SQL injection. This issue is remotely...

PT-2025-53710

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A security issue exists in code-projects Refugee Food Management System 1.0. The manipulation of the tfid argument in the file '/home/viewtakenfd.php' leads to a SQL injection. The attack...

PT-2025-53685

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A SQL injection issue exists in itsourcecode Student Management System 1.0. Manipulation of the ID argument in the /statistical.php file can lead to SQL injection. The attack can b...

CVE-2025-15143

A security flaw has been discovered in EyouCMS up to 1.7.6. The affected element is an unknown function of the file /application/admin/logic/FilemanagerLogic.php of the component Backend Template Management. The manipulation of the argument content results in sql injection. It is possible to laun...

Online MCQ EXAM SQL注入漏洞

Online MCQ EXAM is an online exam website by Saif Hassan, an individual developer. Online MCQ EXAM suffers from a SQL injection vulnerability that stems from the incorrect manipulation of the parameters ans1/ans2 in the file /admin/quesadd.php, which could lead to SQL injection...

PT-2025-53593

Name of the Vulnerable Software and Affected Versions krishanmuraiji SMS version 1.0 Description A SQL injection issue exists in krishanmuraiji SMS version 1.0. The issue is located within the '/studentms/admin/edit-class-detail.php' file and is triggered through the editid GET parameter. An...

EUVD-2025-205435

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...

CVE-2025-15088 ketr JEPaaS loadPostil postilService.loadPostils sql injection

A vulnerability was detected in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is the function postilService.loadPostils of the file /je/postil/postil/loadPostil. Performing a manipulation of the argument keyWord results in sql injection. Remote exploitation of the attack is possible. Th...