Campcodes Online Loan Management System 安全漏洞

CampCodes Online Loan Management System is an online loan management system from CampCodes Philippines, Inc. A security vulnerability exists in Campcodes Online Loan Management System version 1.0, which is caused by a SQL injection due to incorrect manipulation of the parameter loanid in...

CGM CLININET SQL注入漏洞

CGM CLININET is a hospital information management system from German company CGM. CGM CLININET suffers from a SQL injection vulnerability that stems from improper handling of the UserID parameter in the getUserInfo function, which could lead to a SQL injection attack...

Linux Distros Unpatched Vulnerability : CVE-2024-4472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3...

CVE-2025-50979

CVE-2025-50979 affects NodeBB v4.3.0 with a SQL injection in the /api/v3/search/categories endpoint due to an unsanitized search parameter. Unauthenticated, remote attackers can use boolean-based blind and PostgreSQL error-based payloads. Impact: high confidentiality, low integrity, low availabil...

CVE-2025-57813 Insertion of Sensitive Information into Log File in github.com/traPtitech/traQ

traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, a vulnerability exists where sensitive information, such as OAuth tokens, are recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an...

CVE-2025-9473 SourceCodester Online Bank Management System feedback.php sql injection

A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. This impacts an unknown function of the file /feedback.php. The manipulation of the argument msg leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly an...

CVE-2025-9471

A vulnerability has been found in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /maintenance/addmaintenancecost.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-9470 itsourcecode Apartment Management System add_m_committee.php sql injection

A flaw has been found in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /management/addmcommittee.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-9470

CVE-2025-9470 affects itsourcecode Apartment Management System 1.0. The vulnerability lies in /management/add_m_committee.php where manipulation of the ID parameter enables SQL injection, potentially exploitable remotely. The exploit has been published and multiple sources describe a SQL‑injectio...

PT-2025-34738

Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A SQL injection issue exists in the /maintenance/add maintenance cost.php file due to the manipulation of the ID argument. Remote exploitation is possible. The exploit has been...

SourceCodester Online Bank Management System 安全漏洞

SourceCodester Online Bank Management System is a SourceCodester open source online bank management system. A security vulnerability exists in SourceCodester Online Bank Management System version 1.0, which is caused by a SQL injection attack due to incorrect manipulation of the parameter msg in...

User Management System emailid Parameter SQL Injection Vulnerability

User Management System is a user management system. User Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter emailid of the signup.php file. An attacker can exploit this vulnerability to...

itsourcecode Apartment Management System 安全漏洞

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements for parameter ID in file /maintenance/addmaintenancecost.php. An attacker can exploit thi...

Sports Management System sports.php File SQL Injection Vulnerability

Sports Management System a sports management system. The Sports Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter code in the file /Admin/sports.php. An attacker can exploit this vulnerabili...

PT-2025-34789 · Digital Creators Club Trap · Traq

Name of the Vulnerable Software and Affected Versions: traQ versions prior to 3.25.0 Description: traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, sensitive information, such as OAuth tokens, are recorded in log files when an error occurs during the...

Linux Distros Unpatched Vulnerability : CVE-2023-2478

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.9.7, all versions starting from 15.10 before 15.10.6, all...

CVE-2025-9426 itsourcecode Online Tour and Travel Management System package.php sql injection

A weakness has been identified in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /package.php. Executing manipulation of the argument subcatid can lead to sql injection. The attack may be performed from a remote location. The exploit has been...

CVE-2025-9419 itsourcecode Apartment Management System addunit.php sql injection

A vulnerability was detected in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /unit/addunit.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit is now public and may be...

CVE-2025-9418 itsourcecode Apartment Management System addowner.php sql injection

A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /owner/addowner.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2025-50383

alextselegidis Easy!Appointments v1.5.1 was discovered to contain a SQL injection vulnerability via the orderby parameter...