CVE-2025-10840 SourceCodester Pet Grooming Management Software print-payment.php sql injection

A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown function of the file /admin/print-payment.php. This manipulation of the argument sql111 causes sql injection. The attack can be initiated remotely. The exploit has been made available to...

CVE-2025-10839

CVE-2025-10839 affects SourceCodester Pet Grooming Management Software 1.0. The vulnerability is a SQL injection in the /admin/inv-print.php script caused by manipulating the ID parameter. It allows remote exploitation, and public exploits exist. Multiple connected sources corroborate the issue a...

CVE-2025-10834

A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. This affects an unknown function of the file /jobportal/admin/login.php. Such manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available a...

CVE-2025-10828 SourceCodester Pet Grooming Management Software edit.php sql injection

A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/edit.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly an...

PT-2025-39151

Name of the Vulnerable Software and Affected Versions Campcodes Society Membership Information System version 1.0 Description A flaw exists in Campcodes Society Membership Information System that allows for remote SQL injection. The issue stems from improper handling of the student id argument...

CVE-2025-10810 Campcodes Online Learning Management System edit_user.php sql injection

A vulnerability was detected in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/edituser.php. Performing manipulation of the argument firstname results in sql injection. The attack is possible to be carried out remotely. The exploit ...

CVE-2025-10809

A security vulnerability has been detected in Campcodes Online Learning Management System 1.0. The affected element is an unknown function of the file /admin/department.php. Such manipulation of the argument d leads to sql injection. The attack can be executed remotely. The exploit has been...

CVE-2025-10807

A security flaw has been discovered in Campcodes Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/edit-customer-detailed.php. The manipulation of the argument editid results in sql injection. The attack may be launched remotely. The exploit...

CVE-2025-10688

A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file /admin/operation/paid.php. This manipulation of the argument invno/instaamt causes sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-10668

The CVE concerns itsourcecode Online Discussion Forum 1.0, where manipulation of the ID parameter in /members/compose_msg_admin.php enables SQL injection. This is a network-accessible issue with potential remote exploitation, and multiple feeds (nvd, Red Hat, CVE records, and security trackers) c...

CVE-2025-10618

The CVE-2025-10618 issue affects itsourcecode Online Clinic Management System 1.0, specifically the transact.php file where manipulation of the firstname parameter enables a SQL injection. Multiple connected sources corroborate remote exploitability and publicly disclosed PoCs. Evidence across NV...

CVE-2025-10459

A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/all-appointment.php. The manipulation of the argument delid results in sql injection. The attack can be executed remotely. The exploit has been released to the...

CVE-2025-10598

A vulnerability was identified in SourceCodester Pet Grooming Management Software 1.0. This issue affects some unknown processing of the file /admin/searchproduct.php. Such manipulation of the argument groupid leads to sql injection. The attack may be launched remotely. The exploit is publicly...

CVE-2025-10403

A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file /admin/view-enquiry.php. The manipulation of the argument viewid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclose...

CVE-2025-10421 SourceCodester Student Grading System update_account.php sql injection

A flaw has been found in SourceCodester Student Grading System 1.0. This vulnerability affects unknown code of the file /updateaccount.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-10413 Campcodes Grocery Sales and Inventory System ajax.php sql injection

A vulnerability has been found in Campcodes Grocery Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=deletecustomer. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been...

CVE-2025-10405 itsourcecode Baptism Information Management System listbaptism.php sql injection

A vulnerability was determined in itsourcecode Baptism Information Management System 1.0. Affected is an unknown function of the file /listbaptism.php. This manipulation of the argument baptid causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

Small CRM /get-quote.php File SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability, which originates from the /get-quote.php file, which does not perform security filtering on the Contact parameter. An attacker can exploit this vulnerability to illegally manipulate the...

CVE-2025-10103 code-projects Online Event Judging System home.php sql injection

A weakness has been identified in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /home.php. Executing manipulation of the argument mainevent can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the...

CVE-2025-10082

A vulnerability has been found in SourceCodester Online Polling System 1.0. Affected is an unknown function of the file /admin/manage-admins.php. Such manipulation of the argument email leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and m...