CVE-2025-15073

A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contactus.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and...

CVE-2025-15073

A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contactus.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and...

CVE-2025-15014

CVE-2025-15014 affects loganhong php loganSite (Article Handler) via /includes/article_detail.php. The vulnerability arises from manipulating the ID argument, causing SQL injection against an unknown function/file component. Reports consistently describe remote exploitation potential and a rollin...

EUVD-2025-204677

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

CVE-2025-14966

A vulnerability was determined in FastAdmin up to 1.7.0.20250506. Affected is the function selectpage of the file application/common/controller/Backend.php of the component Backend Controller. Executing a manipulation of the argument custom/searchField can lead to sql injection. It is possible to...

CVE-2025-14951

A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impacted element is an unknown function of the file /home.php. Such manipulation of the argument postcontent leads to sql injection. The attack can be executed remotely. The exploit has been disclosed...

CVE-2025-14951

A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impacted element is an unknown function of the file /home.php. Such manipulation of the argument postcontent leads to sql injection. The attack can be executed remotely. The exploit has been disclosed...

CVE-2025-14952

A vulnerability was detected in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addcategory.php. Performing a manipulation of the argument txtCategoryName results in sql injection. The attack is possible to be carried out remotely. The exploit is now...

CVE-2025-14939

A vulnerability was found in code-projects Online Appointment Booking System 1.0. Impacted is an unknown function of the file /admin/deletemanager.php. The manipulation of the argument managername results in sql injection. The attack may be performed from remote. The exploit has been made public...

CVE-2025-14900

A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /admin/userdelete.php of the component Administrator Endpoint. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. T...

CVE-2025-14899 CodeAstro Real Estate Management System Administrator Endpoint stateadd.php sql injection

A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /admin/stateadd.php of the component Administrator Endpoint. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been made availabl...

CVE-2025-14899

A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /admin/stateadd.php of the component Administrator Endpoint. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been made availabl...

CVE-2025-14898

A security flaw has been discovered in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /admin/userbuilderdelete.php of the component Administrator Endpoint. The manipulation results in sql injection. The attack can be launched remotely. The exploit has be...

CVE-2025-14832

A vulnerability was identified in itsourcecode Online Cake Ordering System 1.0. The affected element is an unknown function of the file /updateproduct.php?action=edit. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicl...

CVE-2025-14832

The affected software is itsourcecode Online Cake Ordering System v1.0. The vulnerability lies in the file /updateproduct.php?action=edit where manipulation of the ID parameter enables SQL injection, enabling remote exploitation. Multiple connected sources corroborate a publicly available exploit...

CVE-2025-14667

A security vulnerability has been detected in itsourcecode COVID Tracking System 1.0. The impacted element is an unknown function of the file /admin/?page=systeminfo. Such manipulation of the argument metavalue leads to sql injection. The attack may be performed from remote. The exploit has been...

CVE-2025-14652

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This issue affects some unknown processing of the file /admindetail.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and...

CVE-2025-14649

A vulnerability was detected in itsourcecode Online Cake Ordering System 1.0. Affected by this issue is some unknown functionality of the file /cakeshop/supplier.php. Performing manipulation of the argument supplier results in sql injection. The attack can be initiated remotely. The exploit is no...

CVE-2025-14644

A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /updatesubject.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclos...

CVE-2025-14640

A flaw has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /admin/savestudent.php. Executing manipulation of the argument studno can lead to sql injection. The attack may be launched remotely. The exploit has been published a...