CVE-2026-3760

A vulnerability was detected in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /viewresult.php. Performing a manipulation of the argument seme results in sql injection. The attack is possible to be carried out remotely. The exploit is now public...

CVE-2026-3759

A security vulnerability has been detected in projectworlds Online Art Gallery Shop 1.0. This affects an unknown part of the file /admin/adminHome.php. Such manipulation of the argument reachnm leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly an...

CVE-2026-3756

A vulnerability was identified in SourceCodester Sales and Inventory System up to 1.0. Affected is an unknown function of the file /checkitemdetails.php. The manipulation of the argument stockname1 leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...

CVE-2026-3754

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /addstock.php. Performing a manipulation of the argument cost results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...

CVE-2026-3755

A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /checkcustomerdetails.php of the component POST Handler. Executing a manipulation of the argument stockname1 can lead to sql injection. The attack can be launched remotely...

CVE-2026-3756 SourceCodester Sales and Inventory System check_item_details.php sql injection

A vulnerability was identified in SourceCodester Sales and Inventory System up to 1.0. Affected is an unknown function of the file /checkitemdetails.php. The manipulation of the argument stockname1 leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...

CVE-2026-3753

A vulnerability has been found in SourceCodester Sales and Inventory System up to 1.0. The impacted element is an unknown function of the file /addsalesprint.php. Such manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2026-3752

CVE-2026-3752 affects SourceCodester’s Employee Task Management System v1.0, specifically the GET Parameter Handler in /daily-task-report.php where manipulating the Date argument triggers an SQL injection. The flaw can be exploited remotely and has been demonstrated publicly. Multiple sources (NV...

CVE-2026-3751

A vulnerability was detected in SourceCodester Employee Task Management System 1.0. Impacted is an unknown function of the file /daily-attendance-report.php of the component GET Parameter Handler. The manipulation of the argument Date results in sql injection. The attack may be performed from...

CVE-2026-3740

A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /adminsearchstudent.php. This manipulation of the argument adminsearchstudent causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-3740

A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /adminsearchstudent.php. This manipulation of the argument adminsearchstudent causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-3740 itsourcecode University Management System admin_search_student.php sql injection

A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /adminsearchstudent.php. This manipulation of the argument adminsearchstudent causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-3740

A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /adminsearchstudent.php. This manipulation of the argument adminsearchstudent causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-3736

CVE-2026-3736 affects the Simple Flight Ticket Booking System 1.0, specifically the SearchResultRoundtrip.php file. The vulnerability arises from manipulating the input in the results parameter, enabling SQL injection. The issue can be exploited remotely, and the exploit has been publicly release...

CVE-2026-3736

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

CVE-2026-3711

Code-projects Simple Flight Ticket Booking System 1.0 contains a SQL injection vulnerability in an unknown function of /Adminupdate.php. The issue arises from manipulating parameters flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp. Remote exploitation is possible and the exploit is ...

CVE-2026-3705

CVE-2026-3705 affects code-projects Simple Flight Ticket Booking System 1.0. The vulnerability is an SQL injection in the /Adminsearch.php handling for the flightno parameter, with remote exploitation possible and a public exploit. Multiple connected sources (NVD, Red Hat, EUVD, CVE lists, and PT...

PT-2026-23968

Name of the Vulnerable Software and Affected Versions projectworlds Online Art Gallery Shop version 1.0 Description A security flaw exists in projectworlds Online Art Gallery Shop. This issue involves a SQL injection impacting an unknown functionality accessible through the file '/?pass=1'. The f...

CVE-2026-3672 JeecgBoot getDictItems isExistSqlInjectKeyword sql injection

A vulnerability has been found in JeecgBoot up to 3.9.1. Affected is the function isExistSqlInjectKeyword of the file /jeecg-boot/sys/api/getDictItems. Such manipulation leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used...

CVE-2026-3616

A vulnerability was detected in DefaultFuction Jeson Customer Relationship Management System 1.0.0. Impacted is an unknown function of the file /modules/customers/edit.php. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is...