CVE-2025-4070

A vulnerability, which was classified as critical, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit...

CVE-2025-3792

A vulnerability, which was classified as critical, has been found in SeaCMS up to 13.3. This issue affects some unknown processing of the file /adminlink.php?action=delall. The manipulation of the argument eid leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-3571 Fannuo Enterprise Content Management System 凡诺企业网站管理系统 cms_chip.php sql injection

A vulnerability was found in Fannuo Enterprise Content Management System 凡诺企业网站管理系统 1.1/4.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/cmschip.php. The manipulation of the argument del leads to sql injection. The attack can be initiated remotely...

CVE-2025-3339

A vulnerability classified as critical was found in codeprojects Online Restaurant Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/userupdate.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely...

CVE-2025-3370

A vulnerability classified as critical has been found in PHPGurukul Men Salon Management System 1.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. It is possible to initiate the attack remotely. The exploi...

CVE-2025-3369

A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /novel/friendLink/list. The manipulation of the argument sort leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-3205

A vulnerability, which was classified as critical, was found in CodeAstro Student Grading System 1.0. This affects an unknown part of the file studentsubject.php. The manipulation of the argument studentId leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-3242

A vulnerability has been found in PHPGurukul e-Diary Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /search-result.php. The manipulation of the argument id/searchdata leads to sql injection. The attack can be initiated remotely. The exploit h...

CVE-2025-3195

A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown processing of the file /bbms.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-3142

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /add-apartment.php. The manipulation of the argument buildingno leads to sql injection. The attack may be initiated remotely...

PT-2025-14624 · Unknown · Project Worlds Online Lawyer Management System

Name of the Vulnerable Software and Affected Versions: Project Worlds Online Lawyer Management System version 1.0 Description: A critical issue has been found in the processing of the file /lawyer booking.php, where the manipulation of the unblock id argument leads to sql injection. This issue ca...

CVE-2025-3038

A vulnerability was found in code-projects Payroll Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /viewaccount.php. The manipulation of the argument salaryrate leads to sql injection. The attack may be initiated remotely. The exploit has...

PT-2025-35790

Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.30 Description The Chamilo learning management system has an issue due to a lack of validation of XML object sequences. This can allow a remote attacker to execute arbitrary SQL queries. The issue exists in the...

CVE-2025-2852

A vulnerability has been found in SourceCodester Food Ordering Management System up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/menus/viewmenu.php. The manipulation of the argument ID leads to sql injection. The attack can be...

CVE-2025-2675

CVE-2025-2675 affects PHPGurukul Bank Locker Management System 1.0. The vulnerability is a SQL injection in the add-lockertype.php function, triggered by manipulating the lockerprice parameter. It is exploitable remotely and, per sources in the connected documents, the exploit has been disclosed ...

CVE-2025-2593

A vulnerability has been found in FastCMS up to 0.1.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/client/article/list. The manipulation of the argument orderBy leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2025-2393

A vulnerability, which was classified as critical, was found in code-projects Online Class and Exam Scheduling System 1.0. Affected is an unknown function of the file /pages/salutdel.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2025-2389

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/addcity.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-2383

CVE-2025-2383 affects PHPGurukul Doctor Appointment Management System 1.0. The vulnerability is a SQL injection in the /doctor/search.php file via the searchdata parameter in an affected request, with remote exploitation and exploitation disclosed publicly. The exact vulnerable component is descr...

CVE-2025-2378

A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been classified as critical. This affects an unknown part of the file /download-medical-cards.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate the attack remotely...