CVE-2025-11109

CVE-2025-11109 affects Campcodes Computer Sales and Inventory System 1.0. The vulnerability is a SQL injection in the parameter ID of the file /pages/us_edit.php?action=edit, allowing remote exploitation. Public exploits exist. Several sources corroborate the flaw and its remote exploitability, w...

CVE-2025-11094

A security vulnerability has been detected in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/adminproductdetails.php. Such manipulation of the argument prodid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicl...

PT-2025-39789

Name of the Vulnerable Software and Affected Versions CodeAstro Student Grading System version 1.0 Description A flaw exists in the processing of the /adminLogin.php file within CodeAstro Student Grading System. Manipulation of the staffId argument can lead to a SQL injection. This issue is...

CVE-2025-11077 Campcodes Online Learning Management System add_content.php sql injection

A vulnerability was determined in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /admin/addcontent.php. Executing manipulation of the argument Title can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclose...

CVE-2025-11040

A vulnerability was detected in code-projects Hostel Management System 1.0. Affected by this issue is some unknown functionality of the file /justines/admin/modusers/index.php?view=view. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit...

CVE-2025-10840 SourceCodester Pet Grooming Management Software print-payment.php sql injection

A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown function of the file /admin/print-payment.php. This manipulation of the argument sql111 causes sql injection. The attack can be initiated remotely. The exploit has been made available to...

CVE-2025-10839

CVE-2025-10839 affects SourceCodester Pet Grooming Management Software 1.0. The vulnerability is a SQL injection in the /admin/inv-print.php script caused by manipulating the ID parameter. It allows remote exploitation, and public exploits exist. Multiple connected sources corroborate the issue a...

CVE-2025-10834

A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. This affects an unknown function of the file /jobportal/admin/login.php. Such manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available a...

CVE-2025-10828 SourceCodester Pet Grooming Management Software edit.php sql injection

A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/edit.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly an...

PT-2025-39151

Name of the Vulnerable Software and Affected Versions Campcodes Society Membership Information System version 1.0 Description A flaw exists in Campcodes Society Membership Information System that allows for remote SQL injection. The issue stems from improper handling of the student id argument...

CVE-2025-10810 Campcodes Online Learning Management System edit_user.php sql injection

A vulnerability was detected in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/edituser.php. Performing manipulation of the argument firstname results in sql injection. The attack is possible to be carried out remotely. The exploit ...

CVE-2025-10809

A security vulnerability has been detected in Campcodes Online Learning Management System 1.0. The affected element is an unknown function of the file /admin/department.php. Such manipulation of the argument d leads to sql injection. The attack can be executed remotely. The exploit has been...

CVE-2025-10807

A security flaw has been discovered in Campcodes Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/edit-customer-detailed.php. The manipulation of the argument editid results in sql injection. The attack may be launched remotely. The exploit...

CVE-2025-10688

A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file /admin/operation/paid.php. This manipulation of the argument invno/instaamt causes sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-10668

The CVE concerns itsourcecode Online Discussion Forum 1.0, where manipulation of the ID parameter in /members/compose_msg_admin.php enables SQL injection. This is a network-accessible issue with potential remote exploitation, and multiple feeds (nvd, Red Hat, CVE records, and security trackers) c...

CVE-2025-10618

The CVE-2025-10618 issue affects itsourcecode Online Clinic Management System 1.0, specifically the transact.php file where manipulation of the firstname parameter enables a SQL injection. Multiple connected sources corroborate remote exploitability and publicly disclosed PoCs. Evidence across NV...

CVE-2025-10459

A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/all-appointment.php. The manipulation of the argument delid results in sql injection. The attack can be executed remotely. The exploit has been released to the...

CVE-2025-10598

A vulnerability was identified in SourceCodester Pet Grooming Management Software 1.0. This issue affects some unknown processing of the file /admin/searchproduct.php. Such manipulation of the argument groupid leads to sql injection. The attack may be launched remotely. The exploit is publicly...

CVE-2025-10403

A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file /admin/view-enquiry.php. The manipulation of the argument viewid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclose...

CVE-2025-10421 SourceCodester Student Grading System update_account.php sql injection

A flaw has been found in SourceCodester Student Grading System 1.0. This vulnerability affects unknown code of the file /updateaccount.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...