8254 matches found
WordPress plugin WP Full Stripe Free SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
Linux Distros Unpatched Vulnerability : CVE-2022-40315
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A limited SQL injection risk was identified in the browse list of users site administration page. CVE-2022-40315 Note that Nessus relies on the presence of the...
CVE-2025-48544
In multiple locations, there is a possible way to read files belonging to other apps due to SQL injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Sports Management System resultdetails.php File SQL Injection Vulnerability
Sports Management System is a sports management system. The Sports Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /Admin/resultdetails.php. An attacker can exploit this vulnerabili...
Concept Intermedia GOV CMS SQL Injection Vulnerability
Concept Intermedia GOV CMS is a content management system for the public sector from Concept Intermedia, Poland. A SQL injection vulnerability exists in Concept Intermedia GOV CMS versions prior to 4.0, which stems from improperly cleaned search query parameters and could lead to a blind SQL...
Sports Management System sporttype.php File SQL Injection Vulnerability
Sports Management System is a sports management system. The Sports Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter code in the file /Admin/sporttype.php. An attacker can exploit this...
CVE-2025-9928 projectworlds Travel Management System viewcategory.php sql injection
A security flaw has been discovered in projectworlds Travel Management System 1.0. The impacted element is an unknown function of the file /viewcategory.php. Performing manipulation of the argument t1 results in sql injection. It is possible to initiate the attack remotely. The exploit has been...
Projectworlds Travel management System SQL Injection Vulnerability
Projectworlds Travel management System is a travel management system from Projectworlds India. A SQL injection vulnerability exists in Projectworlds Travel management System version 1.0, which originates from an incorrect manipulation of parameter t1 in file /viewcategory.php resulting in a SQL...
WordPress plugin Mail Mint SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
CVE-2025-9840
The CVE-2025-9840 issue affects itsourcecode Sports Management System version 1.0, specifically the /Admin/gametype.php file. The root cause is an unsafely handled parameter (code) that allows SQL injection, enabling remote exploitation. Public exploits have been reported, and multiple sources de...
CVE-2025-9839
The CVE-2025-9839 issue affects itsourcecode Student Information Management System 1.0. Affected component/file: /admin/modules/course/index.php, where manipulating the ID argument leads to an SQL injection. Remote exploitation is possible, and public exploits are reported. Multiple connected sou...
CVE-2025-9833 SourceCodester Online Farm Management System login.php sql injection
A vulnerability was detected in SourceCodester Online Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/login.php. Performing manipulation of the argument uname results in sql injection. It is possible to initiate the attack remotely. The...
CVE-2025-9742
A vulnerability was identified in code-projects Human Resource Integrated System 1.0. This issue affects some unknown processing of the file /login.php. Such manipulation of the argument user/pass leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...
postgresql: PostgreSQL executes arbitrary code in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pg_dump, pg_dumpall, pg_restore, and pg_upgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...
RemoteClinic Security Vulnerability
RemoteClinic is a clinic management system from RemoteClinic open source. A security vulnerability exists in RemoteClinic version 2.0, which stems from a SQL injection due to incorrect manipulation of the parameter ID in the file /staff/profile.php...
Simple Grading System delete_account.php File SQL Injection Vulnerability
Simple Grading System is a simple grading system. Simple Grading System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID in the file /delete_account.php. An attacker can exploit this vulnerability to execute...
PT-2025-35612
Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.1 Description: A weakness exists in PHPGurukul Beauty Parlour Management System 1.1. The issue is related to SQL injection in the /admin/edit-services.php file. Manipulation of the sername...
Online Course Registration admin/student-registration.php File SQL Injection Vulnerability
Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter studentname in the file /admin/student-registration.php. An...
Simple Grading System login.php File SQL Injection Vulnerability
Simple Grading System is a simple grading system. Simple Grading System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the file /login.php. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...
Linux Distros Unpatched Vulnerability : CVE-2023-28329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of profile field availability condition resulted in an SQL injection risk by default only available to teachers and managers...