8252 matches found
EUVD-2025-33308
A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument registerusername results in sql injection. The attack is possible to be carried out remotely. The exploit ...
CVE-2025-11396
A vulnerability was identified in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /product.php. Such manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...
CVE-2025-11473 SourceCodester Hotel and Lodge Management System edit_curr.php sql injection
A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /edit_curr.php. Such manipulation of the argument currsymbol leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...
CVE-2025-10351 SQL injection vulnerability in Melis Platform
SQL injection vulnerability based on the melis-cms module of the Melis platform from Melis Technology. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'idPage' parameter in the '/melis/MelisCms/PageEdition/getTinyTemplates' endpoint...
CVE-2025-11430
A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /cart.php. The manipulation of the argument remove results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...
CVE-2025-10587 Community Events <= 1.5.1 - Unauthenticated SQL Injection
The Community Events plugin for WordPress is vulnerable to SQL Injection via the eventcategory parameter in all versions up to, and including, 1.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
PT-2025-41311
Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.1. Description: A security flaw exists in PHPGurukul Beauty Parlour Management System 1.1. The issue involves SQL injection due to manipulation of the searchdata argument within an unknown...
PT-2025-41214
Name of the Vulnerable Software and Affected Versions: code-projects Web-Based Inventory and POS System version 1.0. Description: A flaw exists in code-projects Web-Based Inventory and POS System 1.0. The issue is related to the manipulation of the emailid argument in the /login.php file, which can...
Melis Platform SQL injection vulnerability
Melis Platform is an open source cross-framework digital platform from Melis Platform Open Source. A SQL injection vulnerability exists in Melis platform, which stems from insufficient validation of the idPage parameter and could lead to a SQL injection attack...
SourceCodester Wedding Reservation Management System SQL injection vulnerability
SourceCodester Wedding Reservation Management System is a SourceCodester open source wedding reservation management system. SourceCodester Wedding Reservation Management System version 1.0 has a SQL injection vulnerability, the vulnerability stems from the incorrect operation of the function...
PT-2025-41206
Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Website version 1.0. Description: A SQL injection issue exists due to the manipulation of the order id argument. This affects an unknown function within the /pages/edit order details.php file. The attack can be launched...
WordPress plugin Find Me On security vulnerability
WordPress Find Me On plugin is a downgraded plugin that is mainly used to add social media link portals to your website. WordPress Find Me On plugin suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. The...
CVE-2025-11416 PHPGurukul Beauty Parlour Management System invoices.php sql injection
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/invoices.php. Performing a manipulation of the argument delid results in sql injection. The attack can be initiated remotely. The exploit has been released to th...
CVE-2025-11415 PHPGurukul Beauty Parlour Management System customer-list.php sql injection
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/customer-list.php. Such manipulation of the argument delid leads to sql injection. It is possible to launch the attack remotely. The exploit i...
Subscription Health Dashboard 2025 Update
Deployment health is mission-critical in today’s digital environment. Duplicate records, ghost hosts, and stale data obscure insights, slow decisions, and erode confidence. Building on last year’s Subscription Health Dashboard blog and best practices, the 2025 update delivers cleaner visibility,...
CVE-2025-11343
A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected is an unknown function of the file delete.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly an...
CVE-2025-11403
A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this issue is some unknown functionality of the file /delbooking.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has...
EUVD-2025-32728
A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /del_curr.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been...
CVE-2025-11402 SourceCodester Hotel and Lodge Management System del_curr.php sql injection
A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /del_curr.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been...
CVE-2025-11402
SourceCodester Hotel and Lodge Management System 1.0 contains a SQL injection vulnerability in the /del_curr.php file. The vulnerability arises from manipulating the ID parameter, permitting remote exploitation, and public disclosure of the exploit is noted across multiple sources (NVD, Red Hat, ...