3942 matches found
CVE-2025-4785
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user-profile.php. The manipulation of the argument fullname/contactnumber leads to sql injection. The attack may be launched...
CVE-2025-4743
A vulnerability classified as critical was found in code-projects Employee Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /dashboard/getData.php. The manipulation of the argument keywords leads to sql injection. The attack can be launched remotely. The...
CVE-2025-4724
A vulnerability, which was classified as critical, has been found in itsourcecode Placement Management System 1.0. Affected by this issue is some unknown functionality of the file /studentprofile.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely...
CVE-2024-23815
The CVE-2024-23815 entry concerns Siemens Desigo CC. Affected: Desigo CC server (all versions) where Installed Clients can reach the server from networks outside a highly protected zone, or only within highly protected zones. Issue: the server fails to authenticate certain client requests, allowi...
CVE-2025-4554
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-passreports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiat...
CVE-2025-4550
A vulnerability, which was classified as critical, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the file /admin/pass-details.php. The manipulation of the argument pid leads to sql injection. The attack may be initiated...
CVE-2025-4506
A vulnerability was found in Campcodes Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /routers/menu-router.php. The manipulation of the argument 1price leads to sql injection. The attack may be launched remotely. Th...
CVE-2025-4505
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /category.php. The manipulation of the argument categoryname leads to sql injection. The attack can be launche...
CVE-2025-4464
A vulnerability has been found in itsourcecode Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=saveplan. The manipulation of the argument plan leads to sql injection. The attack can be launched remotely...
CVE-2025-4456
A vulnerability classified as critical has been found in Project Worlds Car Rental Project 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...
CVE-2025-4362
A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=savemembership. The manipulation of the argument memberid leads to sql injection. The attack can be initiated remotely. The exploit has...
CVE-2025-4360
A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The explo...
CVE-2025-4359
A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletemember. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The...
CVE-2025-4314
A vulnerability has been found in SourceCodester Advanced Web Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument txtLogin leads to sql injection. The attack can be launched remotely. The...
CVE-2025-4313
A vulnerability, which was classified as critical, was found in SourceCodester Advanced Web Store 1.0. Affected is an unknown function of the file /admin/adminaddnewproduct.php. The manipulation of the argument txtProdId leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2025-4307
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been classified as critical. Affected is an unknown function of the file /admin/add-art-medium.php. The manipulation of the argument artmed leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2025-4250
A vulnerability was found in code-projects Nero Social Networking Site 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument fname/lname/login/password2/cpassword/address/cnumber/email/gender/propic/month leads to sql...
CVE-2025-4213
CVE-2025-4213 affectsPHPGurukul Online Birth Certificate System 1.0, specifically the file /admin/search.php. The root cause is improper handling/validation of the searchdata parameter, enabling an SQL injection vulnerability. Exploitation can be performed remotely; multiple sources indicate the ...
CVE-2025-4196
A vulnerability was found in SourceCodester Patient Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /birthing.php. The manipulation of the argument compid leads to sql injection. The attack may be initiated remotely. The exploit...
CVE-2025-4155
A vulnerability, which was classified as critical, was found in PHPGurukul Boat Booking System 1.0. This affects an unknown part of the file /admin/edit-boat.php. The manipulation of the argument bid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...