CVE-2025-11033

A vulnerability has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Impacted is an unknown function of the file /Profilers/PriProfile/COUNT3s7.php. The manipulation of the argument cbe leads to sql injection. It is possible to initiate the attack remotel...

CVE-2025-11074

Affected software: code-projects Project Monitoring System 1.0. Vulnerability: SQL injection in the login.php file caused by unsafe handling of username/password inputs, enabling remote exploitation. Root cause/condition: Manipulation of the parameters in /login.php leads to SQL injection; exploi...

CVE-2025-11064 Campcodes Online Learning Management System teachers.php sql injection

A security flaw has been discovered in Campcodes Online Learning Management System 1.0. Impacted is an unknown function of the file /admin/teachers.php. The manipulation of the argument department results in sql injection. It is possible to launch the attack remotely. The exploit has been release...

CVE-2025-11057

A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/printinv.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been...

CVE-2025-11055

A vulnerability was detected in SourceCodester Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/updateaddress.php. The manipulation of the argument address results in sql injection. The attack may be launched remotely. The exploit is now public and may be us...

CVE-2025-11052 kidaze CourseSelectionSystem COUNT3s5.php sql injection

A security flaw has been discovered in kidaze CourseSelectionSystem 1.0/5.php. The impacted element is an unknown function of the file /Profilers/PriProfile/COUNT3s5.php. Performing manipulation of the argument csslc results in sql injection. The attack can be initiated remotely. The exploit has...

PT-2025-39724

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description A SQL injection issue exists in SourceCodester Pet Grooming Management Software version 1.0. The issue is located in the file /admin/print inv.php. Manipulation of the ID...

PT-2025-39727

Name of the Vulnerable Software and Affected Versions Campcodes Online Learning Management System version 1.0 Description A flaw exists in Campcodes Online Learning Management System that allows for SQL injection. The issue is located in the processing of the /admin/edit department.php file...

CVE-2025-11041

A vulnerability has been found in itsourcecode Open Source Job Portal 1.0. Affected by this issue is some unknown functionality of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit h...

CVE-2025-11033

A vulnerability has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Impacted is an unknown function of the file /Profilers/PriProfile/COUNT3s7.php. The manipulation of the argument cbe leads to sql injection. It is possible to initiate the attack remotel...

CVE-2025-11032

A flaw has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This issue affects some unknown processing of the file /Profilers/PriProfile/COUNT3s6.php. Executing manipulation of the argument CPU can lead to sql injection. The attack may be performed from...

CVE-2025-10973 JackieDYH Resume-management-system show.php sql injection

A flaw has been found in JackieDYH Resume-management-system up to fb6b857d852dd796e748ce30c606fe5e61c18273. Affected by this issue is some unknown functionality of the file /admin/show.php. This manipulation of the argument userid causes sql injection. The attack may be initiated remotely. The...

CVE-2025-10834

A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. This affects an unknown function of the file /jobportal/admin/login.php. Such manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available a...

CVE-2025-10857

A security flaw has been discovered in Campcodes Point of Sale System POS 1.0. Affected by this issue is some unknown functionality of the file /login.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-10848

A vulnerability was identified in Campcodes Society Membership Information System 1.0. This issue affects some unknown processing of the file /checkstudent.php. Such manipulation of the argument studentid leads to sql injection. The attack may be performed from remote. The exploit is publicly...

CVE-2025-10762

A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the argument keysdepartment results in sql injection. The attack can be executed remotely. The exploi...

CVE-2025-10840

A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown function of the file /admin/print-payment.php. This manipulation of the argument sql111 causes sql injection. The attack can be initiated remotely. The exploit has been made available to...

CVE-2025-10840

CVE-2025-10840 affects SourceCodester Pet Grooming Management Software 1.0. The vulnerability is a SQL injection in the file /admin/print-payment.php via manipulation of the sql111 argument, enabling remote exploitation. Public exploits exist. Multiple sources report impact across confidentiality...

CVE-2025-10832

A vulnerability was found in SourceCodester Pet Grooming Management Software 1.0. The affected element is an unknown function of the file /admin/fetchproductdetails.php. The manipulation of the argument barcode results in sql injection. The attack may be performed from remote. The exploit has bee...

CVE-2025-10825 Campcodes Online Beauty Parlor Management System view-appointment.php sql injection

A vulnerability was identified in Campcodes Online Beauty Parlor Management System 1.0. Affected is an unknown function of the file /admin/view-appointment.php. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The exploit is publicly available...