itsourcecode Society Management System SQL注入漏洞

itsourcecode Society Management System is an itsourcecode open source society management system. A SQL injection vulnerability exists in version 1.0 of itsourcecode Society Management System, which stems from an incorrect manipulation of the parameter Title in the file /admin/editactivityquery.ph...

Code-Projects Online Product Reservation System SQL注入漏洞

Code-Projects Online Product Reservation System is a Code-Projects open source online product reservation system. A SQL injection vulnerability exists in Code-Projects Online Product Reservation System version 1.0, which originates from the incorrect operation of the parameter emailadd in the fil...

CVE-2025-15446

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor mentioned in the original disclosure filed a report that this issue affects a different...

CVE-2026-0579

CVE-2026-0579 affects Code-Projects Online Product Reservation System 1.0. A SQL injection exists in the POST Parameter Handler for /handgunner-administrator/edit.php, triggered by manipulating the arguments prod_id, name, price, model, or serial. The vulnerability is exploitable remotely and pub...

EUVD-2026-0778

A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of the file /adminapi/product/productexport. Such manipulation of the argument cateid leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. T...

EUVD-2026-0776

A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/productlist. This manipulation of the argument cateid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2026-0576

A vulnerability was detected in code-projects Online Product Reservation System 1.0. Affected is an unknown function of the file /handgunner-administrator/prod.php of the component Parameter Handler. Performing a manipulation of the argument cat/price/name/model/serial results in sql injection. I...

PT-2026-1199

Name of the Vulnerable Software and Affected Versions Seeyon Zhiyuan OA Web Application System versions prior to 20251224 Description A flaw exists in Seeyon Zhiyuan OA Web Application System. The issue involves the manipulation of the unitCode argument within an unknown function of the file...

SecurityAnalystTasks

SecurityAnalystTasks This repository contains hands-on cyberse...

SQLi_AI_defence

SQLiAIdefence A small model ba...

PT-2026-3063

Name of the Vulnerable Software and Affected Versions GLPI versions 11.0.0 through 11.0.2 Description An unauthenticated user can execute SQL injection attacks through the inventory endpoint. The issue affects GLPI versions 11.0.0 through 11.0.2. The vulnerable endpoint is /inventory. The attack...

CVE-2025-15408

A vulnerability was found in code-projects Online Guitar Store 1.0. Affected is an unknown function of the file /admin/Createproduct.php. Performing a manipulation of the argument dretitle results in sql injection. The attack is possible to be carried out remotely. The exploit has been made publi...

CVE-2025-15407

A vulnerability has been found in code-projects Online Guitar Store 1.0. This impacts an unknown function of the file /admin/Createcategory.php. Such manipulation of the argument dreCtitle leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public an...

CVE-2026-0568

The CVE affects code-projects Online Music Site 1.0, specifically the /Frontend/ViewSongs.php file where manipulation of the ID parameter enables SQL injection. This allows remote exploitation, and an exploit has been published. Root cause is unsanitized/incorrect handling of the ID argument in a...

CVE-2026-0567

The CVE-2026-0567 entry affects code-projects Content Management System 1.0. The vulnerability is in the /pages.php file, where manipulating the ID argument causes a SQL injection. It can be exploited remotely and an exploit is publicly available. Connected advisories corroborate a remote SQL inj...

CVE-2025-59389

CVE-2025-59389 affects Hyper Data Protector. A SQL injection vulnerability allows remote attackers to run unauthorized commands or code. Public descriptions consistently cite that versions prior to 2.2.4.1 are affected, with a fix released in 2.2.4.1 and later. Multiple connected sources corrobor...

CVE-2025-59389 Hyper Data Protector

An SQL injection vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: Hyper Data Protector 2.2.4.1 and later...

CVE-2026-0546 code-projects Content Management System search.php sql injection

A vulnerability was determined in code-projects Content Management System 1.0. This impacts an unknown function of the file search.php. This manipulation of the argument Value causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may ...

CVE-2025-15435

CVE-2025-15435 affects Yonyou KSOA 9.0. The vulnerability is an SQL injection in an unknown functionality of file /worksheet/work_update.jsp, triggered by manipulating the Report argument. The attack can be initiated remotely and an exploit has been published; vendor response is not provided. Con...

CVE-2025-15435 Yonyou KSOA work_update.jsp sql injection

A flaw has been found in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /worksheet/workupdate.jsp. This manipulation of the argument Report causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. The vend...