CVE-2025-10798 code-projects Hostel Management System index.php sql injection

A vulnerability was identified in code-projects Hostel Management System 1.0. Impacted is an unknown function of the file /justines/admin/modroomtype/index.php?view=view. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly...

CVE-2025-10793

A vulnerability was detected in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/adminaccountdelete.php. Performing manipulation of the argument userid results in sql injection. It is possible to initiate the attack remotely. The...

CVE-2025-10791

A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available t...

CVE-2025-10790

A security flaw has been discovered in SourceCodester Simple Forum Discussion System 1.0. This affects an unknown function of the file /ajax.php?action=savecategory. The manipulation of the argument Description results in sql injection. The attack can be executed remotely. The exploit has been...

CVE-2025-10791

CVE-2025-10791 affects code-projects Online Bidding System 1.0. The vulnerability is a SQL injection in the file /administrator/index.php, caused by manipulation of the aduser parameter. It is described as exploitable remotely and the exploit has been publicly available. Multiple connected source...

CVE-2025-10784

A security vulnerability has been detected in Campcodes Online Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/editsubject.php. The manipulation of the argument subjectcode leads to sql injection. It is possible to initiate the attack...

PT-2025-38712

Name of the Vulnerable Software and Affected Versions Hostel Management System version 1.0 Description A flaw exists in the Hostel Management System that allows for remote SQL injection. The issue is located in the /justines/admin/login.php file, specifically through manipulation of the email...

CVE-2025-10687

A vulnerability was found in SourceCodester Responsive E-Learning System 1.0. This affects an unknown part of the file /admin/addteacher.php. The manipulation of the argument Username results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and coul...

CVE-2025-10662

A vulnerability has been found in SeaCMS up to 13.3. The impacted element is an unknown function of the file /adminmembers.php?ac=editsave. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be use...

CVE-2025-10595

A vulnerability has been found in SourceCodester Online Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/deleteuser.php. The manipulation of the argument userid leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-10673

A vulnerability was determined in itsourcecode Student Information Management System 1.0. The impacted element is an unknown function of the file /admin/modules/class/index.php. This manipulation of the argument classId causes sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-10670

CVE-2025-10670 affects itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. The vulnerability is in the processing of /check_profile.php, where manipulating the profile_id parameter can lead to an SQL injection. The issue is exploitable remotely and exploits have been published ...

CVE-2025-10664 PHPGurukul Small CRM create-ticket.php sql injection

A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing manipulation of the argument subject can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-10664 PHPGurukul Small CRM create-ticket.php sql injection

A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing manipulation of the argument subject can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-10624

A security flaw has been discovered in PHPGurukul User Management System 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument emailid results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and ma...

CVE-2025-10624

A security flaw has been discovered in PHPGurukul User Management System 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument emailid results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and ma...

CVE-2025-10479

A security flaw has been discovered in SourceCodester Online Student File Management System 1.0. The impacted element is an unknown function of the file /index.php. Performing manipulation of the argument studno results in sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-10621

SourceCodester Hotel Reservation System 1.0 contains a SQL injection vulnerability in editroomimage.php caused by manipulation of the ID parameter. Exploitation can be performed remotely, and publicly disclosed exploits exist. Remediation/mitigation guidance from PT-2025-38281 suggests a temporar...

CVE-2025-10620

The CVE-2025-10620 entry concerns itsourcecode Online Clinic Management System 1.0. It identifies an SQL injection vulnerability in unknown code within the file /editp2.php, caused by manipulating parameters id, firstname, lastname, type, age, or address. The vulnerability can be exploited remote...

CVE-2025-10618

A security vulnerability has been detected in itsourcecode Online Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file transact.php. Such manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has...