CVE-2025-13278

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...

CVE-2025-13251

A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-13269

A vulnerability has been found in Campcodes School Fees Payment Management System 1.0. The impacted element is an unknown function of the file /ajax.php?action=savepayment. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-13269

The CVE-2025-13269 entry affects Campcodes School Fees Payment Management System 1.0. A SQL injection vulnerability exists in the /ajax.php?action=save_payment handler, triggered by manipulating the ID parameter. Reports across CNVD, Red Hat advisory, CNNVD, CIRCL, and others confirm a remote-att...

CVE-2025-13264

CVE-2025-13264 affects SourceCodester Online Magazine Management System 1.0, specifically the /view_magazine.php file. The vulnerability arises from manipulating the ID parameter, causing SQL injection. Remote exploitation is possible, and public PoCs exist. Multiple sources confirm the issue and...

CVE-2025-13260

A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/editproduct.php. Such manipulation of the argument cmbProductUnit leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-13256

A weakness has been identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrow.php. Executing a manipulation of the argument rollnumber can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made...

CVE-2025-13256

CVE-2025-13256 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in an unknown function of /borrow.php where manipulating the argument roll_number can cause SQL injection. The flaw can be exploited remotely, and public exploits are available. The connected documen...

PT-2025-47165

Name of the Vulnerable Software and Affected Versions Simple Food Ordering System version 1.0 Description A flaw exists in Simple Food Ordering System 1.0 that allows for remote SQL injection through manipulation of the ID argument within the /saveorder.php file. The exploit for this issue has be...

CVE-2025-13201

A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /login.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...

CVE-2025-13237

A security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. The manipulation of the argument UUSERNAME results in sql injection. The attack can be launched remotely. The exploit has been released to the public...

CVE-2025-13237 itsourcecode Inventory Management System LogSignModal.PHP sql injection

A security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. The manipulation of the argument UUSERNAME results in sql injection. The attack can be launched remotely. The exploit has been released to the public...

CVE-2025-13235

A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipulation of the argument useremail can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly...

CVE-2025-13236 itsourcecode Inventory Management System index.php sql injection

A vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and...

CVE-2025-13236 itsourcecode Inventory Management System index.php sql injection

A vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and...

CVE-2025-13233

A vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=single-item. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to...

CVE-2025-13233

CVE-2025-13233 affects itsourcecode Inventory Management System 1.0. The vulnerable element is the file /index.php?q=single-item where manipulation of the ID parameter enables SQL injection. The issue can be exploited remotely and the exploit has been disclosed publicly. Available details indicat...

CVE-2025-13210 itsourcecode Inventory Management System index.php sql injection

A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=add. Such manipulation of the argument PROMODEL leads to sql injection. The attack may be performed from remote. The exploit has...

CVE-2025-13123

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/getfirstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-13171 ZZCMS wangkan_list.php sql injection

A vulnerability was identified in ZZCMS 2023. This impacts an unknown function of the file /admin/wangkanlist.php. Such manipulation of the argument keyword leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...