CVE-2025-10846

A vulnerability was determined in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /module/ComponenteCurricular/edit. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly...

CVE-2025-10833 1000projects Bookstore Management System login.php sql injection

A vulnerability was determined in 1000projects Bookstore Management System 1.0. The impacted element is an unknown function of the file /login.php. This manipulation of the argument unm causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed a...

CVE-2025-10831

A vulnerability has been found in Campcodes Computer Sales and Inventory System 1.0. Impacted is an unknown function of the file /pages/proedit1.php. The manipulation of the argument prodcode leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed...

CVE-2025-10832 SourceCodester Pet Grooming Management Software fetch_product_details.php sql injection

A vulnerability was found in SourceCodester Pet Grooming Management Software 1.0. The affected element is an unknown function of the file /admin/fetchproductdetails.php. The manipulation of the argument barcode results in sql injection. The attack may be performed from remote. The exploit has bee...

CVE-2025-10830 Campcodes Computer Sales and Inventory System inv_edit1.php sql injection

A flaw has been found in Campcodes Computer Sales and Inventory System 1.0. This issue affects some unknown processing of the file /pages/invedit1.php. Executing manipulation of the argument idd can lead to sql injection. The attack can be executed remotely. The exploit has been published and may...

CampCodes Computer Sales and Inventory System 安全漏洞

CampCodes Computer Sales and Inventory System is a computerized sales and inventory system from CampCodes Philippines. A security vulnerability exists in CampCodes Computer Sales and Inventory System version 1.0, which stems from incorrect manipulation of the parameter ID in the file...

Code-Projects Online Bidding System SQL注入漏洞

Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID in the file /administrator/wew.php. An attacker can exploit this vulnerability to...

PT-2025-39108

Name of the Vulnerable Software and Affected Versions 1000projects Bookstore Management System version 1.0 Description A flaw exists in 1000projects Bookstore Management System version 1.0 related to the manipulation of the unm argument in the /login.php file, leading to a SQL injection. This iss...

PT-2025-39116

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description A security flaw exists in SourceCodester Pet Grooming Management Software version 1.0. The issue involves SQL injection stemming from manipulation of the ID argument withi...

PT-2025-39119

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description A flaw exists in SourceCodester Pet Grooming Management Software that allows for SQL injection. This occurs through manipulation of the sql111 argument in the file...

OnePlus OxygenOS 安全漏洞

OnePlus OxygenOS is a smartphone operating system from Chinese company OnePlus. A security vulnerability exists in OnePlus OxygenOS, which stems from a lack of write access to multiple content providers and SQL injection in the update method of these providers, which could lead to the disclosure ...

PT-2025-39187

Name of the Vulnerable Software and Affected Versions CSZ-CMS version 1.3.0 Description A SQL Injection issue exists in CSZ-CMS version 1.3.0. This allows a remote attacker to execute arbitrary code through the execSqlFile function located in the Upgrade.php file. The vulnerability is triggered b...

ROS-20250923-23

Vulnerability in the Zabbix universal monitoring system is related to insufficient cleaning of user data transmitted via the "Visible name" field during automatic host deletion. data transmitted via the "Visible Name" field during automatic host deletion. Exploitation vulnerability could allow a...

CVE-2025-10817 Campcodes Online Learning Management System admin_user.php sql injection

A weakness has been identified in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/adminuser.php. Executing manipulation of the argument firstname can lead to sql injection. The attack may be launched remotely. The exploit has been made...

CVE-2025-10817 Campcodes Online Learning Management System admin_user.php sql injection

A weakness has been identified in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/adminuser.php. Executing manipulation of the argument firstname can lead to sql injection. The attack may be launched remotely. The exploit has been made...

WordPress Wp tabber widget Plugin <= 4.0 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Peter Thaleikis in WordPress Plugin Wp tabber widget versions = 4.0...

CVE-2025-10810

CVE-2025-10810 affects Campcodes Online Learning Management System v1.0. The vulnerability is a SQL injection in the unknown function of /admin/edit_user.php triggered by manipulating the firstname parameter, exploitable remotely with public exploit available. Documented impact includes high conf...

CVE-2025-10807

A security flaw has been discovered in Campcodes Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/edit-customer-detailed.php. The manipulation of the argument editid results in sql injection. The attack may be launched remotely. The exploit...

CVE-2025-10797

The CVE-2025-10797 entry concerns code-projects Hostel Management System 1.0. The vulnerability affects the file /justines/index.php where manipulation of the log_email parameter enables SQL injection. Multiple connected sources (CNVD, CNNVD, Red Hat, CVE records) confirm remote exploitation pote...

CVE-2025-10795 code-projects Online Bidding System bidupdate.php sql injection

A vulnerability has been found in code-projects Online Bidding System 1.0. This affects an unknown part of the file /administrator/bidupdate.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...