CVE-2025-6884

A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...

Campcodes Sales and Inventory System 安全漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. A security vulnerability exists in Campcodes Sales and Inventory System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter cid in the file /pages/paymentadd.php...

PHPGurukul Zoo Management System 注入漏洞

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /admin/manage-foreigners-ticket.php. An attacker can exploit this vulnerabili...

SourceCodester Best Salon Management System 注入漏洞

SourceCodester Best Salon Management System is a SourceCodester open source salon management system. SourceCodester Best Salon Management System version 1.0 has an injection vulnerability, the vulnerability stems from the wrong operation of the parameter Name in the file /panel/add-tax.php,...

PHPGurukul Teachers Record Management System 注入漏洞

Teachers Record Management System is a teacher record management system. The Teachers Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter tid in the file /admin/changeimage.php. An...

Code-Projects Car Rental System 注入漏洞

Car Rental System is a car rental system. Car Rental System suffers from a SQL injection vulnerability that stems from the lack of validation of an externally entered SQL statement in the parameter carname in the file /admin/addcars.php. An attacker can use this vulnerability to execute illegal S...

Code-Projects Inventory Management System 注入漏洞

Inventory Management System is an inventory management system. Inventory Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the userid parameter in the file /phpaction/removeUser.php for externally entered SQL statements. An attacker can...

CVE-2025-6846

A vulnerability classified as critical has been found in code-projects Simple Forum 1.0. This affects an unknown part of the file /forumviewfile.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-6842

A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edituser.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

Code-Projects Simple Forum 注入漏洞

Simple forum is a simple forum. Simple forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Name in the file /forumviewfile.php. An attacker can exploit this vulnerability to execute illegal SQL commands...

Code-Projects Library System 注入漏洞

Library System is a library system. The Library System suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter reg in the file /student-issue-book.php. An attacker can exploit this vulnerability to execute illeg...

OWASP ESAPI 安全漏洞

OWASP ESAPI is a free, open source, Web application security control library from the OWASP Foundation in the United States that makes it easier for programmers to write lower-risk applications. A security vulnerability exists in OWASP ESAPI that stems from improper neutralization of special...

oa_system 注入漏洞

oasystem is a hailey individual developer's application for the day-to-day operation and management of organizations, used by employees and managers. An injection vulnerability exists in oasystem that originates from an external address book handler resulting in SQL injection...

Code-Projects Inventory Management System 注入漏洞

Inventory Management System is an inventory management system. Inventory Management System has a SQL injection vulnerability that stems from improper handling of the editProductName parameter in the /phpaction/editProduct.php file. No details of the vulnerability are available at this time...

Code-Projects Inventory Management System 注入漏洞

Inventory Management System is an inventory management system. The Inventory Management System suffers from a SQL injection vulnerability that originates in the /phpaction/createOrder.php file, which does not adequately filter user input. An attacker can exploit this vulnerability by remotely...

CVE-2025-39474

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ThemeMove Amely allows SQL Injection. This issue affects Amely: from n/a through 3.1.4...

Pre-School Enrollment System check_availability.php File SQL Injection Vulnerability

Pre-School Enrollment System is a web-based preschool enrollment system. The Pre-School Enrollment System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in the file /admin/checkavailability.ph...

Art Gallery Management System add-artist.php File SQL Injection Vulnerability

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter awfuldetails in the file /admin/add-artist.php. An attacker...

Simple Pizza Ordering System edituser.php File SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /edituser.php. An attacker can exploit this vulnerabili...

Simple Pizza Ordering System update.php File SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /update.php. An attacker can exploit this vulnerability...