Lucene search
K

279 matches found

ATTACKERKB
ATTACKERKB
added 2025/12/19 8:2 p.m.4 views

CVE-2025-14968

A security flaw has been discovered in code-projects Simple Stock System 1.0. Affected by this issue is some unknown functionality of the file /market/update.php. The manipulation of the argument email results in sql injection. The attack can be launched remotely. The exploit has been released to...

9.8CVSS5.4AI score0.00333EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/12/19 3:15 p.m.5 views

CVE-2025-14952

A vulnerability was detected in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addcategory.php. Performing a manipulation of the argument txtCategoryName results in sql injection. The attack is possible to be carried out remotely. The exploit is now...

9.8CVSS5.8AI score0.00371EPSS
Exploits1References5
NVD
NVD
added 2025/12/19 4:16 a.m.7 views

CVE-2025-14940

A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/deleteuser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

9.8CVSS0.00333EPSS
Exploits1References5
OSV
OSV
added 2025/12/19 12:15 a.m.3 views

CVE-2025-14898

A security flaw has been discovered in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /admin/userbuilderdelete.php of the component Administrator Endpoint. The manipulation results in sql injection. The attack can be launched remotely. The exploit has be...

7.2CVSS5.7AI score0.00306EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/17 1:4 p.m.11 views

CVE-2025-14780

A vulnerability was detected in Xiongwei Smart Catering Cloud Platform 2.1.6446.28761. The affected element is an unknown function of the file /dishtrade/dishtradedetailget. The manipulation of the argument filter results in sql injection. The attack can be executed remotely. The exploit is now...

6.5CVSS7AI score0.00192EPSS
Exploits0References1
OSV
OSV
added 2025/12/15 8:15 a.m.5 views

CVE-2025-14711

A flaw has been found in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. This vulnerability affects unknown code of the file /controller/api/hotelList.php. This manipulation of the argument pickedHotelName/type causes sql injection. The attack is possible to be carried...

9.8CVSS5.6AI score0.00388EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/12/12 10:32 p.m.3 views

CVE-2025-14585 itsourcecode COVID Tracking System page sql injection

A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=zone. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and...

7.5CVSS6.8AI score0.00363EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/12/11 12:2 p.m.29 views

CVE-2025-14515 Campcodes Supplier Management System add_unit.php sql injection

A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addunit.php. Such manipulation of the argument txtunitDetails leads to sql injection. The attack can be launched remotely. The exploit has been...

7.5CVSS0.00339EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/12/11 11:32 a.m.35 views

CVE-2025-14514 Campcodes Supplier Management System add_distributor.php sql injection

A flaw has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/adddistributor.php. This manipulation of the argument txtDistributorAddress causes sql injection. The attack can be initiated remotely. The exploit has been published and may be...

7.5CVSS0.00363EPSS
Exploits1References7
NVD
NVD
added 2025/12/09 7:15 p.m.4 views

CVE-2025-14335

A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newschoolyear.php. The manipulation of the argument sy leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS0.00339EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/09 6:29 p.m.6 views

CVE-2025-14258

A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newsubject.php. The manipulation of the argument sub leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed t...

9.8CVSS7.1AI score0.00339EPSS
Exploits1References1
CVE
CVE
added 2025/12/09 1:2 a.m.13 views

CVE-2025-14285

Code-projects Employee Profile Management System 1.0 is affected by a SQL injection in edit_personnel.php via the per_id parameter. The flaw enables remote exploitation and has publicly available exploits; multiple sources corroborate the issue. There is no product-specific patch details in the p...

9.8CVSS6.8AI score0.00339EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/12/08 5:16 p.m.3 views

CVE-2025-14256

A vulnerability was detected in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /newcurriculm.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used...

9.8CVSS0.00423EPSS
Exploits1References5
OSV
OSV
added 2025/12/08 4:15 p.m.8 views

CVE-2025-14251

A security vulnerability has been detected in code-projects Online Ordering System 1.0. This affects an unknown function of the file /admin/ of the component Admin Login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit h...

9.8CVSS5.7AI score0.00339EPSS
Exploits1References5
CVE
CVE
added 2025/12/08 11:32 a.m.19 views

CVE-2025-14230

Code-Projects Daily Time Recording System 4.5.0 is affected by a SQL injection in /admin/add_payroll.php caused by manipulating the detail_Id parameter. The vulnerability arises from improper input handling in an unknown function, enabling remote exploitation. Public exploit details exist (PoC in...

8.8CVSS6.8AI score0.0027EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/12/08 1:32 a.m.31 views

CVE-2025-14209 Campcodes School File Management System update_query.php sql injection

A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /updatequery.php. This manipulation of the argument studid causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and...

7.5CVSS0.00339EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/12/07 2:2 p.m.20 views

CVE-2025-14193 code-projects Employee Profile Management System view_personnel.php sql injection

A vulnerability was determined in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file /viewpersonnel.php. Executing a manipulation of the argument perid can lead to sql injection. The attack can be launched remotely. The exploit has been...

6.5CVSS0.00307EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/04 6:17 p.m.14 views

CVE-2025-13788

A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...

9.8CVSS7AI score0.00351EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.6 views

PT-2025-48415

A vulnerability was determined in jsnjfz WebStack-Guns 1.0. This vulnerability affects unknown code of the file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. Executing manipulation of the argument sort can lead to sql injection. It is possible to launch the attack...

6.5CVSS6.7AI score0.00326EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/11/24 11:33 a.m.5 views

CVE-2025-13546

A vulnerability was detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this issue is some unknown functionality of the file /results.php of the component Search. The manipulation of the argument userquery results in sql injection. The attack can be...

9.8CVSS7.1AI score0.00324EPSS
Exploits1References1
Rows per page
Query Builder