CVE-2025-4244

A vulnerability, which was classified as critical, was found in code-projects Online Bus Reservation System 1.0. This affects an unknown part of the file /seatlocation.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

WordPress plugin Advance Seat Reservation Management for WooCommerce SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exist...

CVE-2025-4154

A vulnerability, which was classified as critical, has been found in PHPGurukul Pre-School Enrollment System 1.0. Affected by this issue is some unknown functionality of the file /admin/enrollment-details.php. The manipulation of the argument Status leads to sql injection. The attack may be...

CVE-2025-44192

SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangaymanagement/admin/?page=viewclearance...

CVE-2025-45017

A SQL injection vulnerability was discovered in edit-ticket.php of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the tprice POST request parameter...

PHPGurukul Directory Management System 安全漏洞

Directory Management System is a directory management system. Directory Management System suffers from a SQL injection vulnerability that stems from improper handling of the email parameter in the admin/edit-directory.php file, which can be exploited to query strings and ultimately trick the serv...

SourceCodester Simple Barangay Management System 安全漏洞

SourceCodester Simple Barangay Management System is a simple village management system from SourceCodester open source. A security vulnerability exists in SourceCodester Simple Barangay Management System version v1.0, which stems from improper handling of...

WordPress plugin tagDiv Opt-In Builder SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

PHPGurukul Online Nurse Hiring System 安全漏洞

PHPGurukul Online Nurse Hiring System is an online nurse hiring system from PHPGurukul, Inc. A security vulnerability exists in version 1.0 of the PHPGurukul Online Nurse Hiring System, which stems from improper handling of the parameter viewid in the file /admin/view-request.php, which could lea...

PHPGurukul Nipah virus Testing Management System SQL注入漏洞

Nipah Virus Testing Management System is an online virus diagnostic platform. Nipah Virus Testing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter adminname/mobilenumber in file...

PHPGurukul Art Gallery Management System 注入漏洞

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter artmed in the file /admin/manage-art-medium.php. An attacke...

itsourcecode Placement Management System 注入漏洞

itsourcecode Placement Management System is an open source placement management system from itsourcecode. An injection vulnerability exists in version 1.0 of itsourcecode Placement Management System, which originates from a SQL injection due to incorrect manipulation of the parameter Name in the...

CVE-2025-3974

A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /edit-phlebotomist.php?pid=11. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated...

CVE-2025-3956

A vulnerability has been found in 201206030 novel-cloud 1.4.0 and classified as critical. This vulnerability affects the function RestResp of the file novel-cloud-master/novel-book/novel-book-service/src/main/resources/mapper/BookInfoMapper.xml. The manipulation leads to sql injection. The attack...

CVE-2025-46578

There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information...

ZTE GoldenDB 安全漏洞

ZTE GoldenDB is a financial-grade transactional distributed database from China's ZTE Corporation ZTE. It is used in finance, government and enterprise, telecom and other industries to provide highly available data services. A security vulnerability exists in ZTE GoldenDB, which can be exploited ...

novel-cloud 注入漏洞

novel-cloud is a Spring Cloud microservices technology stack learning novel project built on novel by xxy individual developer. An injection vulnerability exists in novel-cloud version 1.4.0, which originates from a SQL injection due to a misuse of function RestResp in file...

The vulnerability of the UnlockDatabaseSettings method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, allows a hacker to circumvent security restrictions and gain access to write and read arbitrary files.

The vulnerability of the UnlockDatabaseSettings method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to bypass security...

The vulnerability of the LockGeneralSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions and gain access to write and read arbitrary files.

The vulnerability of the LockGeneralSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability...

The vulnerability of the UnlockProjectUserRights method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions and gain access to write and read arbitrary files.

The vulnerability of the UnlockProjectUserRights method in the software for managing and monitoring removed objects in telemetry and telemechanics systems related to the TeleControl Server Basic is linked to the lack of measures taken to protect the SQL query structure. Exploiting this...