8281 matches found
CodeAstro Car Rental System 安全漏洞
CodeAstro Car Rental System is a car rental system from CodeAstro. A security vulnerability exists in CodeAstro Car Rental System version 1.0, which stems from an incorrect manipulation of the parameter ID that can lead to SQL injection...
Code-Projects Hospital Management System 安全漏洞
Hospital Management System a hospital management system. The Hospital Management System suffers from a SQL injection vulnerability that originates from a missing validation of externally entered SQL statements in the parameter doctorspecilization of the file /admin/doctor-specilization.php. An...
PHPGurukul e-Diary Management System 注入漏洞
The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from a missing validation of an externally typed SQL statement in the emailid parameter of the registration.php file. An attacker can...
Code-Projects Patient Record Management System 安全漏洞
Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from a missing validation of an externally entered SQL statement in the parameter birthid of the /birthingform.php file...
PHPGurukul Restaurant Table Booking System 注入漏洞
Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that originates from a missing validation of an externally entered SQL statement in the parameter fullname of the edit-subadmin.php file. An attacke...
CVE-2025-3180
A vulnerability classified as critical was found in projectworlds Online Doctor Appointment Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /doctor/deleteschedule.php. The manipulation of the argument ID leads to sql injection. The attack can be launched...
CVE-2025-3175
A vulnerability was found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /saveusereditprofile.php. The manipulation of the argument firstName leads to sql injection. The attack may be launched...
GraphQL query operations security can be bypassed
Summary Using the Relay special node type you can bypass the configured security on an operation. Details Here is an example of how to apply security configurations for the GraphQL operations: php ApiResource security: "isgranted'ROLEUSER'", operations: / ... / , graphQlOperations: new...
Exploit for CVE-2025-30921
CVE-2025-30921 1️⃣ Component type WordPress plugin 2️...
Apartment Visitor Management System 注入漏洞
Apartment Visitor Management System is an Apartment Visitor Management System by Carlo Montero Personal Developer. An injection vulnerability exists in Apartment Visitor Management System version 1.0, which stems from an incorrect operation of the parameter buildingno that can lead to SQL injecti...
Project Worlds Online Doctor Appointment Booking System 安全漏洞
Project Worlds Online Doctor Appointment Booking System is an online doctor appointment booking system from Project Worlds, Inc. A security vulnerability exists in Project Worlds Online Doctor Appointment Booking System version 1.0, which stems from an incorrect operation of the parameter...
PT-2025-14817 · Unknown · Projectworlds Online Doctor Appointment Booking System
Name of the Vulnerable Software and Affected Versions: projectworlds Online Doctor Appointment Booking System version 1.0 Description: A critical issue was discovered in the projectworlds Online Doctor Appointment Booking System, affecting an unknown function of the file...
Project Worlds Online Doctor Appointment Booking System 注入漏洞
Project Worlds Online Doctor Appointment Booking System is an online doctor appointment booking system from Project Worlds, Inc. An injection vulnerability exists in Project Worlds Online Doctor Appointment Booking System version 1.0, which stems from an incorrect operation of the parameter...
Project Worlds Online Doctor Appointment Booking System 注入漏洞
Project Worlds Online Doctor Appointment Booking System is an online doctor appointment booking system from Project Worlds, Inc. An injection vulnerability exists in Project Worlds Online Doctor Appointment Booking System version 1.0, which stems from an incorrect manipulation of a parameter ID...
API Platform Core 安全漏洞
API Platform Core is a server component of API Platform open source by API Platform. A security vulnerability exists in API Platform Core versions prior to 4.0.21 that stems from a GraphQL license that may cache different objects...
Project Worlds Online Doctor Appointment Booking System 注入漏洞
Project Worlds Online Doctor Appointment Booking System is an online doctor appointment booking system from Project Worlds, Inc. An injection vulnerability exists in Project Worlds Online Doctor Appointment Booking System version 1.0, which stems from a misbehavior of parameter q that can lead to...
DEBIAN-CVE-2024-36465
A low privilege regular Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter...
CVE-2025-30886
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JoomSky JS Help Desk allows SQL Injection. This issue affects JS Help Desk: from n/a through 2.9.2...
WordPress plugin Salesmate Add-On for Gravity Forms SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress...
WordPress plugin JS Help Desk SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...