CVE-2025-10068

A flaw has been found in itsourcecode Online Discussion Forum 1.0. This affects an unknown function of the file /admin/adminforum/addviews.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may...

CVE-2025-10062

A vulnerability was determined in itsourcecode Student Information Management System 1.0. This affects an unknown part of the file /admin/login.php. Executing manipulation of the argument uname can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed...

CVE-2025-10062 itsourcecode Student Information Management System login.php sql injection

A vulnerability was determined in itsourcecode Student Information Management System 1.0. This affects an unknown part of the file /admin/login.php. Executing manipulation of the argument uname can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed...

CVE-2025-10033

CVE-2025-10033 affects itsourcecode Online Discussion Forum 1.0. The vulnerability is a SQL injection in the /admin file caused by manipulation of the Username parameter, exploitable remotely, with public disclosure. Multiple sources confirm the issue and provide varying CVSS perspectives; the NV...

CVE-2025-9919

A vulnerability was identified in 1000projects Beauty Parlour Management System 1.0. This affects an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploi...

CVE-2025-10011

CVE-2025-10011 — Portabilis i-Educar up to 2.10 is documented to have a SQL injection vulnerability in an unknown function of the file /module/TabelaArredondamento/edit. The manipulation of the argument ID enables remote exploitation, and public exploits have been reported. The consolidated sourc...

Linux Distros Unpatched Vulnerability : CVE-2023-30944

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote...

CVE-2025-9829

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /signup.php. The manipulation of the argument mobilenumber leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly...

Linux Distros Unpatched Vulnerability : CVE-2014-8089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote...

CVE-2025-9832

A security vulnerability has been detected in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the file /routers/register-router.php. Such manipulation of the argument phone leads to sql injection. The attack may be performed from remote. The exploit has been...

CVE-2025-9691

A vulnerability has been found in Campcodes Online Shopping System 1.0. This impacts an unknown function of the file /login.php. Such manipulation of the argument Password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-9771

The CVE-2025-9771 entry concerns SourceCodester Eye Clinic Management System 1.0. The vulnerability is an SQL injection in an unknown functionality of the file /main/search_index_Diagnosis.php, triggered by manipulating the Search argument. It can be exploited remotely, and public disclosures of ...

CVE-2025-54946

A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands...

PT-2025-35501

Name of the Vulnerable Software and Affected Versions: SourceCodester/Campcodes School Log Management System version 1.0 Description: A SQL injection issue exists in an unknown functionality of the file /admin/admin class.php. Manipulation of the id no argument can lead to SQL injection and can b...

CVE-2025-9743 code-projects Human Resource Integrated System login_attendance2.php sql injection

A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file loginattendance2.php. Performing manipulation of the argument employeeid/date results in sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-9742

A vulnerability was identified in code-projects Human Resource Integrated System 1.0. This issue affects some unknown processing of the file /login.php. Such manipulation of the argument user/pass leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

CVE-2025-9726

A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /review.php. The manipulation of the argument pid results in sql injection. The attack may be launched remotely. The exploit has been released to the...

PT-2025-35359

Name of the Vulnerable Software and Affected Versions: SourceCodester Advanced School Management System version 1.0 Description: A SQL injection issue exists in SourceCodester Advanced School Management System 1.0. The vulnerability is located in an unknown function within the /index.php/stock/it...

CVE-2025-9664

A security flaw has been discovered in code-projects Simple Grading System 1.0. Affected is an unknown function of the file /addstudentgrade.php of the component Admin Panel. The manipulation of the argument Add results in sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2025-9660

A vulnerability was found in SourceCodester Bakeshop Online Ordering System 1.0. The impacted element is an unknown function of the file /passwordrecover.php. Performing manipulation of the argument phonenumber results in sql injection. The attack is possible to be carried out remotely. The explo...