CVE-2025-9702

A vulnerability was identified in SourceCodester Simple Cafe Billing System 1.0. This affects an unknown function of the file /salesreport.php. The manipulation of the argument month leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-9730

A vulnerability was found in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /ajax/updateProfile.php. The manipulation of the argument userid results in sql injection. It is possible to launch the attack remotely. The exploit has been made...

CVE-2025-9694

CVE-2025-9694 affects Campcodes Advanced Online Voting System 1.0. The vulnerability lies in an unknown functionality of /admin/login.php where manipulating the Username argument enables SQL injection. Exploitation can be remote and there are public disclosures of the exploit. CVSS data indicate ...

CVE-2025-9662

A vulnerability was determined in code-projects Simple Grading System 1.0. This affects an unknown function of the file /login.php of the component Admin Panel. Executing manipulation can lead to sql injection. The attack may be performed from a remote location. The exploit has been publicly...

CVE-2025-9598

A security flaw has been discovered in itsourcecode Apartment Management System 1.0. Affected is an unknown function of the file /setting/yearsetup.php. Performing manipulation of the argument txtXYear results in sql injection. The attack can be initiated remotely. The exploit has been released t...

PT-2025-35176

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.10 Description: A flaw exists in Portabilis i-Educar up to version 2.10, related to SQL injection. The issue is located in the /module/TabelaArredondamento/view file within the Tabelas de Arredondamento Pa...

CVE-2025-9592

A vulnerability was detected in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/billinfo.php. Performing manipulation of the argument vid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public...

CVE-2025-9532

Portabilis i-Educar up to version 2.10 contains a SQL injection in the RegraAvaliacao/view path triggered by manipulating the ID parameter. The flaw is exploitable remotely and has published proof-of-concept materials in public references. Multiple sources (Red Hat, NVD, CVE lists, and vendor-foc...

CVE-2025-9511

A vulnerability was identified in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /visitor/addvisitor.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available...

CVE-2025-9509 itsourcecode Apartment Management System fair_info_all.php sql injection

A security flaw has been discovered in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/fairinfoall.php. Performing manipulation of the argument fid results in sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-9509 itsourcecode Apartment Management System fair_info_all.php sql injection

A security flaw has been discovered in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/fairinfoall.php. Performing manipulation of the argument fid results in sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-9473

SourceCodester Online Bank Management System 1.0 has a SQL injection in /feedback.php triggered by manipulating the msg parameter. The vulnerability is remote and has public exploit discussion. Multiple sources describe the issue and its impact on confidentiality, integrity, and availability as h...

CVE-2025-9471

A vulnerability has been found in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /maintenance/addmaintenancecost.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-9468 itsourcecode Apartment Management System add_bill.php sql injection

A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /bill/addbill.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has...

Linux Distros Unpatched Vulnerability : CVE-2021-43008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by...

CVE-2025-9421

A vulnerability has been found in itsourcecode Apartment Management System 1.0. This affects an unknown function of the file /complain/addcomplain.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public an...

CVE-2025-9413 lostvip-com ruoyi-go system_router.go SelectListByPage sql injection

A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts the function SelectListByPage of the file modules/system/systemrouter.go. This manipulation of the argument orderByColumn/isAsc causes sql injection. The attack may be initiated remotely. The exploit has been published and may ...

CVE-2025-9399

YiFang CMS

Linux Distros Unpatched Vulnerability : CVE-2025-3818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB.processinsertquery of the file web/db.py...

CVE-2025-9050

A vulnerability was found in projectworlds Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /addcategory.php. The manipulation of the argument t1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...