8260 matches found
CVE-2025-49897
CVE-2025-49897 affects the WordPress plugin Vertical scroll slideshow gallery v2 (versions
CVE-2025-9052
A vulnerability was identified in projectworlds Travel Management System 1.0. This affects an unknown part of the file /updatepackage.php. The manipulation of the argument s1 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and m...
CVE-2025-9053 projectworlds Travel Management System updatesubcategory.php sql injection
A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability affects unknown code of the file /updatesubcategory.php. The manipulation of the argument t1/s1 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the publ...
CVE-2025-1929 SQLi in RiskTurk's Treasury Management Software
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection. This issue affects Reel Sektör Hazine ve Risk Yönetimi...
CVE-2025-54474 Extension - dj-extensions.com - SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joomla
A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joomla was discovered. The issue allows privileged users to execute arbitrary SQL commands...
CVE-2025-54474
CVE-2025-54474 describes a SQL injection vulnerability in the DJ-Classifieds Joomla extension, affecting versions 3.9.2–3.10.1. The issue allows privileged users to execute arbitrary SQL commands. The connected documents consistently reference a DJ-Classifieds SQLi impacting Joomla; no exploitati...
CVE-2025-9047
CVE-2025-9047 affects projectworlds Visitor Management System 1.0. The vulnerability is a SQL injection in the file /visitor_out.php, triggered by manipulating the rid parameter in an unknown function, with remote execution possible. Multiple connected sources confirm the issue and describe it as...
CVE-2025-9028
CVE-2025-9028 affects code-projects Online Medicine Guide 1.0. The vulnerability lies in the /adphar.php file, where manipulating the phuname parameter enables SQL injection. Multiple sources confirm this can be exploited remotely, with exploits published and potential for data loss/compromise. C...
CVE-2025-9028 code-projects Online Medicine Guide adphar.php sql injection
A flaw has been found in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /adphar.php. Executing manipulation of the argument phuname can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...
CVE-2025-9025
A vulnerability was determined in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /portal.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...
CVE-2025-9024 PHPGurukul Beauty Parlour Management System book-appointment.php sql injection
A vulnerability was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /book-appointment.php. The manipulation of the argument Message leads to sql injection. The attack can be launched remotely. The exploit has been...
CVE-2025-9022 SourceCodester Online Bank Management System statements.php sql injection
A vulnerability was identified in SourceCodester Online Bank Management System up to 1.0. This issue affects some unknown processing of the file /bank/statements.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely...
CVE-2025-9010 itsourcecode Online Tour and Travel Management System booking_report.php sql injection
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/bookingreport.php. The manipulation of the argument fromdate leads to sql injection. The attack can be launched remotely. The explo...
CVE-2025-9009 itsourcecode Online Tour and Travel Management System email_setup.php sql injection
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/emailsetup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-9009
The CVE covers itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function in /admin/email_setup.php where manipulating the Name argument triggers SQL injection. The issue allows remote exploitation and the exploit has been disclosed publicly. Connected sources cons...
CVE-2025-9008
A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/smssetting.php. The manipulation of the argument uname leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-8989
A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. This issue affects some unknown processing of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been...
PHPGurukul Online Shopping Portal Project 注入漏洞
Online Shopping Portal Project is an online shopping portal project. A SQL injection vulnerability exists in Online Shopping Portal Project, which originates from the lack of validation of externally-entered SQL statements in the parameter emailid in the file /shopping/password-recovery.php. An...
HCL BigFix SaaS Authentication Service 安全漏洞
HCL BigFix SaaS Authentication Service is an endpoint management platform from HCL India. HCL BigFix SaaS Authentication Service suffers from a security vulnerability that stems from SQL queries that can be manipulated, potentially leading to SQL injection attacks...
PT-2025-33441 · Itsourcecode · Itsourcecode Online Tour/Travel Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection vulnerability exists in itsourcecode Online Tour and Travel Management System 1.0. The vulnerability is located in an unknown function within the...