8251 matches found
EUVD-2025-37451
A vulnerability was found in itsourcecode Online Loan Management System 1.0. This vulnerability affects unknown code of the file /manageloan.php. The manipulation of the argument ID results in SQL injection. The attack may be launched remotely. The exploit has been made public and could be used...
CVE-2025-12606
A vulnerability was determined in itsourcecode Online Loan Management System 1.0. This issue affects some unknown processing of the file /manageborrower.php. This manipulation of the argument ID causes SQL injection. Remote exploitation of the attack is possible. The exploit has been publicly...
PT-2025-44743
Name of the Vulnerable Software and Affected Versions: CodeAstro Gym Management System version 1.0. Description: A flaw exists in CodeAstro Gym Management System version 1.0 where manipulation of the id/ini weight argument in the file '/admin/update-progress.php' can lead to SQL injection. This issu...
SQL Injection Vulnerability in Changjitong T+ of Changjitong Information Technology Co. Ltd (CNVD-C-2025-778387)
T+ is a dynamic, intelligent and fashionable Internet management software, mainly for small and medium-sized industrial, trade and commerce enterprises with integrated financial and business applications, incorporating elements of socialization, mobility, Internet of Things, e-commerce and Intern...
PT-2025-44788
Name of the Vulnerable Software and Affected Versions: Geutebruck G-Cam E-Series Cameras version 1.12.0.19. Description: An unauthenticated SQL Injection exists within the Geutebruck G-Cam E-Series Cameras. The issue is located in the /uapi-cgi/viewer/Param.cgi script through the Group parameter...
Digiwin EasyFlow .NET and Digiwin EasyFlow AiNet SQL Injection Vulnerability
Digiwin EasyFlow .NET and Digiwin EasyFlow AiNet are both products of China's Digiwin Corporation. Digiwin EasyFlow AiNet is a business process automation platform. Digiwin EasyFlow .NET and Digiwin EasyFlow AiNet have a SQL injection vulnerability that originates from a vulnerability that could allow an...
PT-2025-44785
Name of the Vulnerable Software and Affected Versions: Car-Booking-System-PHP version 1.0. Description: Car-Booking-System-PHP version 1.0 is susceptible to SQL Injection in the /carlux/contact.php file. The vulnerability exists due to insufficient input validation when processing data submitted...
CVE-2025-63451
Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php...
SourceCodester Best House Rental Management System SQL Injection Vulnerability
SourceCodester Best House Rental Management System is an open source house rental management system from SourceCodester. SourceCodester Best House Rental Management System version 1.0 has a SQL injection vulnerability that stems from the function deletepayment in the file /adminclass.php...
PT-2025-44744
Name of the Vulnerable Software and Affected Versions: CodeAstro Gym Management System version 1.0. Description: A flaw exists in CodeAstro Gym Management System 1.0 that could allow for SQL injection. This issue affects the /admin/view-progress-report.php file. Manipulation of the ID argument can...
CVE-2025-63451
CVE-2025-63451 affects Car-Booking-System-PHP v1.0, which is vulnerable to SQL injection in /carlux/sign-in.php due to insufficient input validation. The underlying flaw enables unauthorized data access/manipulation with high impact across confidentiality, integrity, and availability (CVSS 3.1: 9.8). Evidence...
CVE-2025-12606
Consolidated reports from Red Hat, CIRCL, CNNVD and others confirm a SQL injection in itsourcecode Online Loan Management System 1.0, caused by manipulation of the ID parameter in /manage_borrower.php. Remote exploitation is possible and has been publicly disclosed. The connected documents do not...
CVE-2025-12605
CVE-2025-12605 affects itsourcecode Online Loan Management System 1.0. The vulnerability is an SQL injection in /manage_loan.php caused by manipulation of the ID parameter. It is exploitable remotely and the exploit is publicly available. CVSS shows a critical/high risk across sources (e.g., CVSS...
CVE-2025-12598
A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function savetenant of the file /adminclass.php. Executing manipulation of the argument firstname can lead to SQL injection. The attack can be launched remotely. The exploit has been...
Code-Projects Simple Online Hotel Reservation System SQL Injection Vulnerability
Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Name in the file...
JavaWebVulnerabilityScanner
JavaWebVulnerabilityScanner 🔒 Java Web Vulnerability Scanner...
CVE-2025-36367
IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 is vulnerable to privilege escalation caused by an invalid IBM i SQL services authorization check. A malicious actor can use the elevated privileges of another user profile to gain root access to the host operating system...
CVE-2025-52664
SQL injection in Revive Adserver 6.0.0 causes potential disruption or information access when specifically crafted payloads are sent by logged in users...
PT-2025-44724
Name of the Vulnerable Software and Affected Versions: IBM i versions 7.2 through 7.6. Description: IBM i is susceptible to a privilege escalation issue stemming from an incorrect IBM i SQL services authorization check. An attacker can exploit this to leverage the privileges of another user profile...