SQL Injection Vulnerability in Remote Medical Comprehensive Service Platform of Beijing Divine Vision Han Technology Co. Ltd (CNVD-C-2025-928742)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the remote medical integrated service platform of Beijing Shenzhou Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

OpenCode USSD Gateway 安全漏洞

OpenCode USSD Gateway is an OpenCode open source gateway software for processing and managing USSD messages. A security vulnerability exists in OpenCode USSD Gateway version 6.13.11, which stems from an SQL injection in the ID parameter of the getSubUsersByProvider function...

WordPress Attention Bar plugin <= 0.7.2.1 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by WPScan in WordPress Plugin Attention Bar versions = 0.7.2.1...

SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Divine Vision Han Technology Co., Ltd (CNVD-C-2025-923949)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

ASUS Router 安全漏洞

ASUS Router is a router product and accompanying management application from ASUS, primarily used for wireless connectivity and management of home and business networks. ASUS Router suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally enter...

EUVD-2025-198805

ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName...

CVE-2025-13596 Improper Error Handling Leading to Sensitive Information Disclosure in CIGES ≤ 2.15.6

A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack traces to the client...

CVE-2025-13583 code-projects Question Paper Generator POST Parameter signupscript.php sql injection

A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulation of the argument Fname can lead to sql injection. The attack can be executed remotely. The exploi...

CVE-2025-13579

A vulnerability was found in code-projects Library System 1.0. This impacts an unknown function of the file /return.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-13578 code-projects Library System Login index.php sql injection

A vulnerability has been found in code-projects Library System 1.0. This affects an unknown function of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

CVE-2025-13578 code-projects Library System Login index.php sql injection

A vulnerability has been found in code-projects Library System 1.0. This affects an unknown function of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

PT-2025-47888

A flaw has been found in SourceCodester Online Student Clearance System 1.0. Impacted is an unknown function of the file /Admin/changepassword.php. This manipulation of the argument txtconfirm password causes sql injection. It is possible to initiate the attack remotely. The exploit has been...

PT-2025-47882

Name of the Vulnerable Software and Affected Versions code-projects COVID Tracking System version 1.0 Description A flaw exists in the processing of the /login.php file within the software. Manipulation of the code argument can lead to SQL injection. This issue is remotely exploitable and an...

Liferay Portal GraphQL Schema Detected

This is an informational plugin to inform the user that the scanner has detected that the target Liferay instance publicly exposes its GraphQL schema. No source data...

ZIRA Group Wholesale Business Revenue Management 安全漏洞

ZIRA Group Wholesale Business Revenue Management is a wholesale business revenue management system from ZIRA Group company in Bosnia and Herzegovina. A security vulnerability exists in ZIRA Group WBRM version 7.0, which originates from a SQL injection vulnerability in the...

Code-Projects COVID Tracking System SQL注入漏洞

Code-Projects COVID Tracking System is a new Crown Pneumonia tracking system from Code-Projects open source. A SQL injection vulnerability exists in Code-Projects COVID Tracking System version 1.0, which stems from incorrect manipulation of the parameter code in the file /login.php, which could...

CVE-2025-13569

Summary: CVE-2025-13569 affects itsourcecode COVID Tracking System 1.0. The vulnerability is an SQL injection in the file path /admin/?page=city caused by manipulation of the ID parameter. It can be exploited remotely and the exploit has been disclosed publicly. Reported across multiple sources (...

CVE-2025-13557

A vulnerability has been found in Campcodes Online Polling System 1.0. Affected by this issue is some unknown functionality of the file /registeracc.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the publ...

itsourcecode COVID Tracking System SQL注入漏洞

The COVID Tracking System is a new crown pneumonia tracking system. The COVID Tracking System suffers from a SQL injection vulnerability that stems from the /admin/?page=state file not securely filtering the ID parameter. The vulnerability can be exploited by an attacker to illegally obtain...

PT-2025-47866

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System version 1.0, specifically within the /delete admin.php file. Manipulation of the admin id argument can...