8282 matches found
PT-2025-34823
Name of the Vulnerable Software and Affected Versions: Campcodes Online Loan Management System version 1.0 Description: A security issue has been identified in Campcodes Online Loan Management System 1.0. The manipulation of the lastname argument in an unknown function of the file...
CGM CLININET SQL注入漏洞
CGM CLININET is a hospital information management system from German company CGM. CGM CLININET suffers from a SQL injection vulnerability that stems from improper handling of the getPerfServiceIds function, which could lead to a SQL injection attack...
itsourcecode Apartment Management System 安全漏洞
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /branch/addbranch.php. An attacker can exploit this...
PT-2025-34853 · Unknown · Patientservice.Pl
Name of the Vulnerable Software and Affected Versions: PatientService.pl affected versions not specified Description: The getPatientIdentifier function within the PatientService.pl service is susceptible to SQL injection due to improper handling of the pesel parameter. Recommendations: As a...
Linux Distros Unpatched Vulnerability : CVE-2024-4472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3...
Campcodes Online Loan Management System 安全漏洞
CampCodes Online Loan Management System is an online loan management system from CampCodes Philippines, Inc. A security vulnerability exists in Campcodes Online Loan Management System version 1.0, which is caused by a SQL injection due to incorrect manipulation of the parameter loanid in...
CGM CLININET SQL注入漏洞
CGM CLININET is a hospital information management system from German company CGM. CGM CLININET suffers from a SQL injection vulnerability that stems from improper handling of the UserID parameter in the getUserInfo function, which could lead to a SQL injection attack...
PT-2025-34952
Name of the Vulnerable Software and Affected Versions: St. Joe ERP System affected versions not specified Description: A SQL injection vulnerability exists in the St. Joe ERP system "圣乔ERP系统" that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST...
CVE-2025-50979
CVE-2025-50979 affects NodeBB v4.3.0 with a SQL injection in the /api/v3/search/categories endpoint due to an unsanitized search parameter. Unauthenticated, remote attackers can use boolean-based blind and PostgreSQL error-based payloads. Impact: high confidentiality, low integrity, low availabil...
CVE-2025-57813 Insertion of Sensitive Information into Log File in github.com/traPtitech/traQ
traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, a vulnerability exists where sensitive information, such as OAuth tokens, are recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an...
CVE-2025-9473 SourceCodester Online Bank Management System feedback.php sql injection
A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. This impacts an unknown function of the file /feedback.php. The manipulation of the argument msg leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly an...
CVE-2025-9471
A vulnerability has been found in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /maintenance/addmaintenancecost.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2025-9470 itsourcecode Apartment Management System add_m_committee.php sql injection
A flaw has been found in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /management/addmcommittee.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-9470
CVE-2025-9470 affects itsourcecode Apartment Management System 1.0. The vulnerability lies in /management/add_m_committee.php where manipulation of the ID parameter enables SQL injection, potentially exploitable remotely. The exploit has been published and multiple sources describe a SQL‑injectio...
PT-2025-34738
Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A SQL injection issue exists in the /maintenance/add maintenance cost.php file due to the manipulation of the ID argument. Remote exploitation is possible. The exploit has been...
SourceCodester Online Bank Management System 安全漏洞
SourceCodester Online Bank Management System is a SourceCodester open source online bank management system. A security vulnerability exists in SourceCodester Online Bank Management System version 1.0, which is caused by a SQL injection attack due to incorrect manipulation of the parameter msg in...
User Management System emailid Parameter SQL Injection Vulnerability
User Management System is a user management system. User Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter emailid of the signup.php file. An attacker can exploit this vulnerability to...
itsourcecode Apartment Management System 安全漏洞
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements for parameter ID in file /maintenance/addmaintenancecost.php. An attacker can exploit thi...
Sports Management System sports.php File SQL Injection Vulnerability
Sports Management System a sports management system. The Sports Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter code in the file /Admin/sports.php. An attacker can exploit this vulnerabili...
PT-2025-34789 · Digital Creators Club Trap · Traq
Name of the Vulnerable Software and Affected Versions: traQ versions prior to 3.25.0 Description: traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, sensitive information, such as OAuth tokens, are recorded in log files when an error occurs during the...