CVE-2025-8968

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapproveuser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The explo...

CVE-2025-9028

A flaw has been found in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /adphar.php. Executing manipulation of the argument phuname can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2025-9028 code-projects Online Medicine Guide adphar.php sql injection

A flaw has been found in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /adphar.php. Executing manipulation of the argument phuname can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2025-8985

A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-8982

A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument currcode leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-8983

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expensefor leads to sql injection. The attack may be initiated remotely. The exploit...

CVE-2025-8983

The CVE-2025-8983 entry concerns itsourcecode Online Tour and Travel Management System 1.0. A SQL injection vulnerability exists in /admin/operations/expense.php via the expense_for parameter. Exploitation is possible remotely, and public exploits have been disclosed. Connected sources corroborat...

CVE-2025-8972

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-8972

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-8954

A vulnerability was identified in PHPGurukul Hospital Management System 4.0. This affects an unknown part of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

PT-2025-33130 · Projectworlds · Visitor Management System

Name of the Vulnerable Software and Affected Versions: projectworlds Visitor Management System version 1.0 Description: A vulnerability exists in projectworlds Visitor Management System 1.0, affecting the processing of the /query data.php file. Manipulation of the dateF/dateP argument results in ...

CVE-2025-8929

A vulnerability has been found in code-projects Medical Store Management System 1.0. This vulnerability affects unknown code of the file MainPanel.java. The manipulation of the argument searchTxt leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

PT-2025-32987 · Unknown · Lingdang Crm

Name of the Vulnerable Software and Affected Versions: Lingdang CRM versions through 8.6.5.4 Description: A SQL injection issue exists in the crm/WeiXinApp/yunzhijia/event.php file. Manipulation of the openid argument can lead to SQL injection, and the attack can be launched remotely. The exploit...

CVE-2025-8431

A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/add-boat.php. The manipulation of the argument boatname leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-8378

A vulnerability was found in Campcodes Online Hotel Reservation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attac...

CVE-2025-8336

A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=saveuser. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploi...

CVE-2025-8254

A vulnerability was found in Campcodes Courier Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /viewparcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-8135

A vulnerability, which was classified as critical, has been found in itsourcecode Insurance Management System 1.0. This issue affects some unknown processing of the file /updateAgent.php. The manipulation of the argument agentid leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-8220

A vulnerability has been found in Engeman Web up to 12.0.0.2. The affected element is an unknown function of the file /Login/RecoveryPass of the component Password Recovery Page. The manipulation of the argument LanguageCombobox as part of Cookie leads to sql injection. The attack is possible to ...

PT-2025-31031 · Unknown · Projectworlds Online Admission System

Name of the Vulnerable Software and Affected Versions: Projectworlds Online Admission System version 1.0 Description: A critical issue exists in Projectworlds Online Admission System. The vulnerability allows for remote SQL injection through manipulation of the markof argument within the /admin.p...