8251 matches found

CNNVD
added 2025/10/13 12:0 a.m., 4 views

Ivanti Endpoint Manager SQL Injection Vulnerability

Ivanti Endpoint Manager is a unified endpoint management solution for the enterprise that is designed to centrally manage all types of devices including Windows, macOS, Linux, ChromeOS and IoT devices within an organization, covering OS deployment, software distribution, remote control and more. ...

CVSS 6.5, AI score 8.3, EPSS 0.01582
Exploits: 0, References: 2

CNVD
added 2025/10/13 12:0 a.m., 3 views

WordPress AffiliateWP plugin SQL Injection Vulnerability

WordPress AffiliateWP plugin is an affiliate marketing plugin designed for the WordPress platform, mainly used to help users quickly build an affiliate program, track referrals, pay commissions and other functions. WordPress AffiliateWP plugin suffers from a SQL injection vulnerability that stems fr...

CVSS 7.5, AI score 8.3, EPSS 0.00336
Exploits: 0, References: 1

CNNVD
added 2025/10/13 12:0 a.m., 4 views

Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability

Ivanti Endpoint Manager is a unified endpoint management solution for the enterprise that is designed to centrally manage all types of devices including Windows, macOS, Linux, ChromeOS and IoT devices within an organization, covering OS deployment, software distribution, remote control and more. ...

CVSS 6.5, AI score 8.3, EPSS 0.00751
Exploits: 0, References: 2

CNNVD
added 2025/10/13 12:0 a.m., 4 views

Inferno Online Clothing Store SQL Injection Vulnerability

Inferno Online Clothing Store is an online shopping website by the individual developer Muhammad Yousaf Saddique. Inferno Online Clothing Store suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter cemail/password in the file /log.php, which could lead...

CVSS 7.5, AI score 7.7, EPSS 0.00295
Exploits: 0, References: 4

Positive Technologies
added 2025/10/13 12:0 a.m., 4 views

PT-2025-41828

Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager (affected versions not specified). Description: A SQL injection issue exists in Ivanti Endpoint Manager. A remotely authenticated attacker can potentially read arbitrary data from the database. The issue allows for...

CVSS 6.5, AI score 7.2, EPSS 0.00751
Exploits: 0, References: 4

CNVD
added 2025/10/13 12:0 a.m., 4 views

E-Commerce Website /pages/supplier_update.php SQL Injection Vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from improper filtering of SQL statements submitted by the parameter suppid in the /pages/supplierupdate.php file, which can be exploited by an attacker to gain unauthorized...

CVSS 9.8, AI score 8.1, EPSS 0.00431
Exploits: 1, References: 1

RedhatCVE
added 2025/10/12 1:28 p.m., 11 views

CVE-2025-11601

A vulnerability was detected in SourceCodester Online Student Result System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. Performing manipulation of the argument Username results in sql injection. The attack can be initiated remotely. The exploit is now...

CVSS 9.8, AI score 7.5, EPSS 0.00379
Exploits: 1, References: 1

Positive Technologies
added 2025/10/12 12:0 a.m., 4 views

PT-2025-41709

Name of the Vulnerable Software and Affected Versions: RainyGao DocSys versions through 2.02.36. Description: A flaw exists in RainyGao DocSys that allows for remote manipulation leading to SQL injection. The issue is related to the getUserList function within the /Manage/getUserList.do file. The...

CVSS 6.5, AI score 6.5, EPSS 0.00372
Exploits: 1, References: 8

OSV
added 2025/10/11 8:15 p.m., 4 views

CVE-2025-11613

A vulnerability was found in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file /addcategory.php. The manipulation of the argument cname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVSS 8.8, AI score 5.7, EPSS 0.00302
Exploits: 1, References: 5

Vulnrichment
added 2025/10/11 2:32 p.m., 8 views

CVE-2025-11605 code-projects Client Details System update-profile.php sql injection

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

CVSS 6.5, AI score 6.8, EPSS 0.00325
Exploits: 1, References: 6

Vulnrichment
added 2025/10/11 1:32 p.m., 4 views

CVE-2025-11603 code-projects Simple Food Ordering System editproduct.php sql injection

A vulnerability was found in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /editproduct.php. The manipulation of the argument Category results in sql injection. The attack may be launched remotely. The exploit has been made public and could be...

CVSS 6.5, AI score 7, EPSS 0.00343
Exploits: 1, References: 5

RedhatCVE
added 2025/10/11 11:20 a.m., 5 views

CVE-2025-11188

The Kiwire Captive Portal contains a blind SQL injection in the nas-id parameter, allowing for SQL commands to be issued and to compromise the corresponding database...

CVSS 7.3, AI score 8.1, EPSS 0.00272
Exploits: 0, References: 1

EUVD
added 2025/10/11 9:30 a.m., 6 views

EUVD-2025-33814

A vulnerability was detected in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/edit-equipmentform.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit is now public and may be used...

CVSS 6.5, AI score 6.6, EPSS 0.00346
Exploits: 1, References: 6

OSV
added 2025/10/11 9:4 a.m., 3 views

BIT-GITLAB-2025-10004 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2 that could make the GitLab instance unresponsive or severely degraded by sending crafted GraphQL queries requesting large repository blobs...

CVSS 7.5, AI score 6.9, EPSS 0.00485
Exploits: 0, References: 4

Cvelist
added 2025/10/11 7:2 a.m., 11 views

CVE-2025-11593 CodeAstro Gym Management System delete-equipment.php sql injection

A flaw has been found in CodeAstro Gym Management System 1.0. This vulnerability affects unknown code of the file /admin/actions/delete-equipment.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

CVSS 6.5, EPSS 0.00304
Exploits: 1, References: 5

CVE
added 2025/10/11 1:2 a.m., 11 views

CVE-2025-11590

CVE-2025-11590 affects CodeAstro Gym Management System 1.0. The vulnerability is a SQL injection in the unknown functionality of /admin/equipment-entry.php via manipulation of the ename parameter. It is exploitable remotely, with public exploit information available. Connected sources do not prov...

CVSS 8.8, AI score 6.4, EPSS 0.00304
Exploits: 1, References: 5, Affected Software: 1

CNNVD
added 2025/10/11 12:0 a.m., 3 views

SourceCodester Best Salon Management System SQL Injection Vulnerability

SourceCodester Best Salon Management System is a SourceCodester open source salon management system. SourceCodester Best Salon Management System version 1.0 has a SQL injection vulnerability that stems from the incorrect operation of the parameter ServiceId in the file...

CVSS 9.8, AI score 7.9, EPSS 0.00425
Exploits: 1, References: 5

CNNVD
added 2025/10/11 12:0 a.m., 5 views

Code-Projects Simple Food Ordering System SQL Injection Vulnerability

Simple Food Ordering System is a simple food ordering system. The Simple Food Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Category in the file /editproduct.php. An attacker can exploit...

CVSS 8.8, AI score 8.2, EPSS 0.00343
Exploits: 1, References: 5

Positive Technologies
added 2025/10/11 12:0 a.m., 4 views

PT-2025-41692

Name of the Vulnerable Software and Affected Versions: iPynch Social Network Website versions prior to b6933b6d7f82c84819abe458ccf0e59d61119541. Description: A security flaw exists in the Search component of iPynch Social Network Website. Manipulation of an unknown function within this component can...

CVSS 6.5, AI score 6.6, EPSS 0.00223
Exploits: 0, References: 9

CNNVD
added 2025/10/11 12:0 a.m., 3 views

Code-Projects Simple Food Ordering System SQL Injection Vulnerability

Simple Food Ordering System is a simple food ordering system. The Simple Food Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cname in the file editcategory.php. An attacker can exploit th...

CVSS 8.8, AI score 8.2, EPSS 0.00301
Exploits: 1, References: 5