CVE-2025-13253

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /addlibrarian.php. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly...

CVE-2024-44652

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the useremail, username, userfirstname, userlastname, and useraddress parameters in userregister.php...

Fortinet FortiVoice SQL注入漏洞

Fortinet FortiVoice is a Unified Communications and Collaboration-as-a-Service from Fortinet, Inc. A SQL injection vulnerability exists in Fortinet FortiVoice versions 7.2.0 through 7.2.2 and 7.0.0 through 7.0.7, which stems from improperly neutralized SQL commands and could lead to the execution...

CVE-2025-56643

CVE-2025-56643 affects Wiki.js 2.5.307. The root cause is in the authentication resolver logic, where active JWT tokens are not properly revoked or invalidated on user logout. This leaves previously issued tokens valid for GraphQL and logout endpoints, enabling potential unauthorized access if a ...

Student Information System register.php File SQL Injection Vulnerability

Student Information System is a student information system. Student Information System is vulnerable to a SQL injection vulnerability that originates from improper handling of user input in the /register.php file. No details of the vulnerability are available at this time...

Code-Projects Simple Pizza Ordering System SQL注入漏洞

Code-Projects Simple Pizza Ordering System is a Code-Projects open source simple pizza ordering system. A SQL injection vulnerability exists in Code-Projects Simple Pizza Ordering System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /listorder.php, which can...

Student Information System searchquery.php File SQL Injection Vulnerability

Student Information System is a student information system. The Student Information System suffers from a SQL injection vulnerability that originates from the parameter s in the /searchquery.php file that does not effectively filter user input. An attacker can exploit this vulnerability by...

EUVD-2025-197901

A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit has been publicly...

CVE-2025-13319

Digi On-Prem Manager API is affected by an authenticated SQL injection vulnerability (CVE-2025-13319). An attacker with valid API tokens can inject SQL via crafted input; the API is not enabled by default. CVSS 3.1 base score 8.8 (HIGH) with impact to confidentiality, integrity, and availability....

EUVD-2025-197792

A vulnerability was found in code-projects Nero Social Networking Site 1.0. The affected element is an unknown function of the file /profilefriends.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been made public and...

CVE-2025-13280 CodeAstro Simple Inventory System Login index.php sql injection

A vulnerability was determined in CodeAstro Simple Inventory System 1.0. The impacted element is an unknown function of the file /index.php of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has bee...

EUVD-2025-197783

A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletepayment. Performing manipulation of the argument ID results in sql injection. The attack is possible to be...

CVE-2025-13271

A vulnerability was determined in Campcodes School Fees Payment Management System 1.0. This impacts an unknown function of the file /ajax.php?action=login. This manipulation of the argument Username causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

CVE-2025-13271 Campcodes School Fees Payment Management System ajax.php sql injection

A vulnerability was determined in Campcodes School Fees Payment Management System 1.0. This impacts an unknown function of the file /ajax.php?action=login. This manipulation of the argument Username causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

CVE-2025-13270

A vulnerability was found in Campcodes School Fees Payment Management System 1.0. This affects an unknown function of the file /ajax.php?action=savecourse. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could...

CVE-2025-13242

A vulnerability has been found in code-projects Student Information System 2.0. This issue affects some unknown processing of the file /register.php. The manipulation leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be...

CVE-2025-13234

A vulnerability was found in itsourcecode Inventory Management System 1.0. The impacted element is an unknown function of the file /index.php?q=product. Performing manipulation of the argument PROID results in sql injection. It is possible to initiate the attack remotely. The exploit has been mad...

EUVD-2025-197749

A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has be...

EUVD-2025-197737

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /booksearch.php. Performing manipulation of the argument bookpub/booktitle results in sql injection. It is possible to initiate the attack remotely...

CVE-2025-13233

A vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=single-item. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to...