CVE-2025-13277

A flaw has been found in code-projects Nero Social Networking Site 1.0. This issue affects some unknown processing of the file /friendsphoto.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

CVE-2025-13272

A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Affected is an unknown function of the file /managecourse.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be us...

CVE-2025-13325

A vulnerability was determined in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /enrollmentedit1.php. Executing manipulation of the argument enid can lead to sql injection. The attack may be performed from remote. The exploit has been publicl...

CVE-2025-13302

A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...

CVE-2025-13300

A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-13301

A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-13301 itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection

A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-13298

A vulnerability was detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. This affects an unknown function of the file /enrollment/controller.php. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now publ...

CVE-2025-13299 itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection

A flaw has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. This impacts an unknown function of the file /user/controller.php. Executing a manipulation can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2025-13297

A security vulnerability has been detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. The impacted element is an unknown function of the file /course/controller.php. Such manipulation leads to sql injection. The attack can be executed remotely. The exploit has been...

CVE-2025-13289

CVE-2025-13289 concerns 1000projects Design & Development of Student Database Management System 1.0. The vulnerability exists in an unknown function that processes SubCode in /TeacherLogin/Academics/SubjectDetails.php, where input manipulation enables SQL injection. Exploitation is possible remot...

CVE-2025-13286

A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=saveuser. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-13278

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowedbooksearch.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclose...

CVE-2025-13251

A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-13269

A vulnerability has been found in Campcodes School Fees Payment Management System 1.0. The impacted element is an unknown function of the file /ajax.php?action=savepayment. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-13269

The CVE-2025-13269 entry affects Campcodes School Fees Payment Management System 1.0. A SQL injection vulnerability exists in the /ajax.php?action=save_payment handler, triggered by manipulating the ID parameter. Reports across CNVD, Red Hat advisory, CNNVD, CIRCL, and others confirm a remote-att...

CVE-2025-13264

CVE-2025-13264 affects SourceCodester Online Magazine Management System 1.0, specifically the /view_magazine.php file. The vulnerability arises from manipulating the ID parameter, causing SQL injection. Remote exploitation is possible, and public PoCs exist. Multiple sources confirm the issue and...

CVE-2025-13260

A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/editproduct.php. Such manipulation of the argument cmbProductUnit leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-13256

A weakness has been identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrow.php. Executing a manipulation of the argument rollnumber can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made...

CVE-2025-13256

CVE-2025-13256 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in an unknown function of /borrow.php where manipulating the argument roll_number can cause SQL injection. The flaw can be exploited remotely, and public exploits are available. The connected documen...