7734 matches found

Positive Technologies
added 2026/04/13 12:0 a.m. | views: 1

PT-2026-32332

Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load book.php...

AI score: 5.9 | EPSS: 0.00033
Exploits: 1 | References: 2
CNNVD
added 2026/04/13 12:0 a.m. | views: 1

SourceCodester Cab Management System security vulnerability

SourceCodester Cab Management System is an open-source taxi management system developed by SourceCodester. Version 1.0 of the SourceCodester Cab Management System has a security vulnerability, which stems from SQL injection in the /cms/admin/categories/viewcategory.php file...

CVSS: 2.7 | AI score: 5.8 | EPSS: 0.00033
Exploits: 1 | References: 1
CNNVD
added 2026/04/13 12:0 a.m. | views: 3

SourceCodester Online Thesis Archiving System security vulnerability

The SourceCodester Online Thesis Archiving System is an open-source online thesis archiving system developed by SourceCodester. Version 1.0 of the SourceCodester Online Thesis Archiving System contains a security vulnerability, which stems from SQL injection in the file...

CVSS: 2.7 | AI score: 5.8 | EPSS: 0.0003
Exploits: 0 | References: 2
CNNVD
added 2026/04/13 12:0 a.m. | views: 2

SourceCodester Online Resort Management System security vulnerability

The SourceCodester Online Resort Management System is an open-source network-based application developed by SourceCodester. It provides online room booking capabilities and can also be used as a simple website for resorts. Version 1.0 of the SourceCodester Online Resort Management System has a...

CVSS: 2.7 | AI score: 5.8 | EPSS: 0.0003
Exploits: 0 | References: 1
CNNVD
added 2026/04/13 12:0 a.m. | views: 2

Code-Projects Lost and Found Thing Management SQL injection vulnerability

Code-Projects Lost and Found Thing Management is an open-source lost and found management tool developed by Code-Projects. Version 1.0 of Code-Projects Lost and Found Thing Management contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “cata”...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.00043
Exploits: 0 | References: 5
Cvelist
added 2026/04/13 12:0 a.m. | views: 20

CVE-2026-36943

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/managerepair.php...

EPSS: 0.0003
Exploits: 0 | References: 1
Positive Technologies
added 2026/04/13 12:0 a.m. | views: 2

PT-2026-32276

A weakness has been identified in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/Login check.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been made...

CVSS: 7.5 | AI score: 7 | EPSS: 0.00043
Exploits: 0 | References: 6
CNNVD
added 2026/04/13 12:0 a.m. | views: 1

SourceCodester Online Reviewer System security vulnerability

The SourceCodester Online Reviewer System is an open-source online review system developed by SourceCodester. Version 1.0 of the SourceCodester Online Reviewer System contains a security vulnerability, which stems from an SQL injection vulnerability in the...

CVSS: 2.7 | AI score: 5.9 | EPSS: 0.00033
Exploits: 1 | References: 1
CNNVD
added 2026/04/13 12:0 a.m. | views: 1

Code-Projects Vehicle Showroom Management System SQL injection vulnerability

The Code-Projects Vehicle Showroom Management System is an open-source system for managing automobile showrooms developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from improper handling ...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.00043
Exploits: 0 | References: 5
Cvelist
added 2026/04/13 12:0 a.m. | views: 24

CVE-2026-36945

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/clients/manageclient.php...

EPSS: 0.0003
Exploits: 0 | References: 1
CVE
added 2026/04/13 12:0 a.m. | views: 4

CVE-2026-36948

The connected sources confirm CVE-2026-36948 affects Sourcecodester Online Thesis Archiving System v1.0, with a SQL injection vulnerability in the file /otas/view_archive.php. Public details consistently describe an SQL injection condition but do not provide product versions beyond v1.0, impact s...

CVSS: 7.3 | AI score: 5.8 | EPSS: 0.00038
Exploits: 0 | References: 1
CNNVD
added 2026/04/13 12:0 a.m. | views: 2

SourceCodester Basic Library System security vulnerability

The SourceCodester Basic Library System is an open-source library system developed by SourceCodester. Version 1.0 of the SourceCodester Basic Library System contains a security vulnerability, which stems from an SQL injection vulnerability in the /librarysystem/loadstudent.php file...

CVSS: 2.7 | AI score: 5.9 | EPSS: 0.00033
Exploits: 1 | References: 1
Positive Technologies
added 2026/04/13 12:0 a.m. | views: 1

PT-2026-32512

Apache SkyWalking CVE-2025-54057: Stored XSS https://t.co/U4ZzTJS7iT CVE-2026-34476: SSRF via SW-URL Header in MCP Server https://t.co/zPXOQv1Xff CVE-2026-34884: SSRF via set skywalking url Tool and GraphQL Expression Injection in MCP Server https://t.co/5H4PWKYENG...

CVSS: 7.1 | AI score: 5.8 | EPSS: 0.00258
Exploits: 0 | References: 1
CNNVD
added 2026/04/13 12:0 a.m. | views: 1

SourceCodester Online Resort Management System security vulnerability

The SourceCodester Online Resort Management System is an open-source network-based application developed by SourceCodester. It provides online room reservations and can also be used as a simple website for resorts. Version 1.0 of the SourceCodester Online Resort Management System has a security...

CVSS: 2.7 | AI score: 5.8 | EPSS: 0.0003
Exploits: 0 | References: 1
Tenable Nessus
added 2026/04/13 12:0 a.m. | views: 3

Linux Distros Unpatched Vulnerability : CVE-2025-9484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 16.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain...

CVSS: 4.3 | AI score: 5.9 | EPSS: 0.00017
Exploits: 0 | References: 2
Github Security Blog
added 2026/04/12 3:30 p.m. | views: 8

Dolibarr has SQL injection vulnerability in the rowid parameter of the admin dict.php

Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary SQL queries. Attackers can inject malicious SQL code through the rowid POST parameter to extract sensitive database information using...

CVSS: 9.1 | AI score: 6.2 | EPSS: 0.00036
Exploits: 1 | References: 6 | Affected Software: 1
EUVD
added 2026/04/12 3:30 p.m. | views: 4

EUVD-2019-20149

MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Chargegrouptotal parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blind...

CVSS: 7.1 | AI score: 6.2 | EPSS: 0.00034
Exploits: 1 | References: 5
EUVD
added 2026/04/12 3:30 p.m. | views: 1

EUVD-2018-21768

Adianti Framework 5.5.0 and 5.6.0 contain an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name field in SystemProfileForm. Attackers can submit crafted SQL statements in the profile edit endpoint to modify user...

CVSS: 7.1 | AI score: 5.9 | EPSS: 0.00033
Exploits: 0 | References: 3
NVD
added 2026/04/12 1:16 p.m. | views: 2

CVE-2019-25713

MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Chargegrouptotal parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blind...

CVSS: 8.1 | EPSS: 0.00034
Exploits: 1 | References: 4
Github Security Blog
added 2026/04/10 7:30 p.m. | views: 5

@saltcorn/data vulnerable to SQL Injection via jsexprToSQL Literal Handler

Summary: The jsexprToSQL function in Saltcorn converts JavaScript expressions to SQL for use in database constraints. The Literal handler wraps string values in single quotes without escaping embedded single quotes, allowing SQL injection when creating Formula-type table constraints. Vulnerable...

AI score: 6
Exploits: 0 | References: 2 | Affected Software: 1