CVE-2025-8952 Campcodes Online Flight Booking Management System Login ajax.php sql injection

A vulnerability was found in Campcodes Online Flight Booking Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be...

CVE-2025-8950

Campcodes Online Recruitment Management System 1.0 is affected by a SQL injection in /Recruitment/index.php?page=view_vacancy caused by manipulating the ID parameter. This vulnerability appears to be remotely exploitable and has been publicly disclosed. Connected sources consistently identify the...

CVE-2025-8947

A vulnerability was found in projectworlds Visitor Management System 1.0. This issue affects some unknown processing of the file /querydata.php. The manipulation of the argument dateF/dateP leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public...

CVE-2025-8936 1000 Projects Sales Management System dordupdate.php sql injection

A vulnerability was determined in 1000 Projects Sales Management System 1.0. Affected by this issue is some unknown functionality of the file /superstore/dist/dordupdate.php. The manipulation of the argument select2 leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-8936 1000 Projects Sales Management System dordupdate.php sql injection

A vulnerability was determined in 1000 Projects Sales Management System 1.0. Affected by this issue is some unknown functionality of the file /superstore/dist/dordupdate.php. The manipulation of the argument select2 leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-8935

A vulnerability was found in 1000 Projects Sales Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /superstore/custcmp.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-8931 code-projects Medical Store Management System ChangePassword.java sql injection

A vulnerability was determined in code-projects Medical Store Management System 1.0. Affected is an unknown function of the file ChangePassword.java. The manipulation of the argument newPassTxt leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to...

PT-2025-33259 · Unknown · Realmag777 Mdtf

Name of the Vulnerable Software and Affected Versions: RealMag777 MDTF versions through 1.3.3.7 Description: RealMag777 MDTF is susceptible to a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows for potential SQL Injection attacks...

WordPress plugin Cube Portfolio SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

WordPress plugin Easy Form Builder SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

PT-2025-33110 · Unknown · Medical Store Management System

Name of the Vulnerable Software and Affected Versions: code-projects Medical Store Management System version 1.0 Description: A vulnerability exists in the Medical Store Management System due to a SQL injection issue. The vulnerability is related to unknown processing of the UpdateCompany.java fi...

WordPress plugin MapSVG SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

itsourcecode Online Tour and Travel Management System 注入漏洞

itsourcecode Online Tour and Travel Management System is a itsourcecode open source online tour and travel management system. An injection vulnerability exists in itsourcecode Online Tour and Travel Management System version 1.0, which is caused by incorrect manipulation of the parameter...

PT-2025-33223 · Romancode · Mapsvg

Name of the Vulnerable Software and Affected Versions: MapSVG affected versions not specified Description: An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability exists in RomanCode MapSVG, allowing for SQL injection. Recommendations: At the moment,...

PHPGurukul Hospital Management System 安全漏洞

Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter docfees in the file /admin/edit-doctor.php. An...

WordPress plugin Frontend Admin by DynamiApps SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

CVE-2025-8928

CVE-2025-8928 affects code-projects’ Medical Store Management System 1.0, specifically the UpdateMedicines.java file in the Update Medicines Page. The vulnerability arises from improper handling of the argument productNameTxt, leading to SQL injection. The attack can be initiated remotely, and pu...

CVE-2025-8926

A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-8924

A vulnerability was identified in Campcodes Online Water Billing System 1.0. This issue affects some unknown processing of the file /viewbill.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may...

CVE-2025-8925 itsourcecode Sports Management System match.php sql injection

A vulnerability has been found in itsourcecode Sports Management System 1.0. Affected is an unknown function of the file /Admin/match.php. The manipulation of the argument code leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...