CVE-2025-10421

A flaw has been found in SourceCodester Student Grading System 1.0. This vulnerability affects unknown code of the file /updateaccount.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-10418

CVE-2025-10418 affects SourceCodester Student Grading System 1.0. The vulnerability lies in /view_students.php where manipulation of the ID parameter causes SQL injection. Exploitation can be performed remotely and publicly available exploit code exists. Impact is high for confidentiality, integr...

CVE-2025-10417 Campcodes Grocery Sales and Inventory System ajax.php sql injection

A security flaw has been discovered in Campcodes Grocery Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=deleteproduct. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...

PT-2025-37730

Name of the Vulnerable Software and Affected Versions Teampel version 5.1.6 Description Teampel version 5.1.6 is susceptible to SQL Injection through the /Common/login.aspx API endpoint. Recommendations As a temporary workaround, consider restricting access to the /Common/login.aspx endpoint unti...

PT-2025-37462

Name of the Vulnerable Software and Affected Versions: Campcodes Computer Sales and Inventory System version 1.0 Description: A weakness exists in Campcodes Computer Sales and Inventory System that allows for SQL injection. The issue is located in an unknown function of the file /pages/sup...

PT-2025-37772

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student File Management System version 1.0 Description: A security issue has been identified in SourceCodester Online Student File Management System. The vulnerability resides in the /remove file.php file, specifically...

PT-2025-37773

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student File Management System version 1.0 Description: A SQL injection issue exists in SourceCodester Online Student File Management System version 1.0. The issue is located in the /admin/index.php file, within an unkno...

CVE-2025-57104

Teampel 5.1.6 is vulnerable to SQL Injection in /Common/login.aspx...

SourceCodester Pet Grooming Management Software SQL注入漏洞

SourceCodester Pet Grooming Management Software is a SourceCodester open source pet grooming management system. SourceCodester Pet Grooming Management Software version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter ID in the file...

PT-2025-37759

Name of the Vulnerable Software and Affected Versions: kidaze CourseSelectionSystem affected versions not specified Description: A vulnerability exists in kidaze CourseSelectionSystem related to SQL injection. Manipulation of the Branch argument in an unknown function within the...

PT-2025-37718

Name of the Vulnerable Software and Affected Versions Frappe versions prior to 15.72.0 Frappe versions prior to 14.96.10 Description The add tag function at frappe/desk/doctype/tag/tag.py is susceptible to SQL Injection. This allows an attacker to extract information from databases by injecting a...

PT-2025-37740

Name of the Vulnerable Software and Affected Versions: yangzongzhuan RuoYi versions up to 4.8.1 Description: A security flaw has been discovered in yangzongzhuan RuoYi. This impacts the filterKeyword function of the file /com/ruoyi/common/utils/sql/SqlUtil.java within the Blacklist Handler...

CVE-2025-10409 SourceCodester Student Grading System rms.php sql injection

A weakness has been identified in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /rms.php?page=users. Executing manipulation of the argument fname can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public...

PT-2025-37414

Name of the Vulnerable Software and Affected Versions: SourceCodester Food Ordering Management System version 1.0 Description: A security issue exists in SourceCodester Food Ordering Management System 1.0. The vulnerability is due to SQL injection in an unknown function of the file...

CampCodes Grocery Sales and Inventory System SQL注入漏洞

CampCodes Grocery Sales and Inventory System is a grocery sales and inventory system from CampCodes Philippines. A SQL injection vulnerability exists in Campcodes Grocery Sales and Inventory System version 1.0, which stems from incorrect manipulation of the parameter ID in file/ajax.php, which...

SourceCodester Student Grading System SQL注入漏洞

SourceCodester Student Grading System is a SourceCodester open source student grading system. A SQL injection vulnerability exists in SourceCodester Student Grading System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /viewuser.php, which could lead to a SQL...

PT-2025-37407

Name of the Vulnerable Software and Affected Versions: SourceCodester Pet Grooming Management Software version 1.0 Description: A SQL injection issue exists in SourceCodester Pet Grooming Management Software version 1.0 due to manipulation of the ID argument in the /admin/edit role.php file. This...

CVE-2025-27240

A Zabbix adminitrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field...

CVE-2025-27240

A Zabbix adminitrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field...

WordPress Testimonial Plugin SQL Injection Vulnerability

WordPress Testimonial Plugin is a plugin for displaying customer feedback, testimonials or user reviews in your website, mainly for enhancing website trust and social proof. WordPress Testimonial Plugin suffers from a SQL injection vulnerability that stems from insufficient cleaning and escaping ...