WordPress plugin Unlimited Elements For Elementor SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

PT-2026-42982

A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGST Invoice.php of the component Invoice Generation Handler. Performing a manipulation of the argument customer name/category results in sql injection. The...

PT-2026-43084

A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This affects the function confirm logged in of the file student trans.php. Such manipulation of the argument FIRST NAME/Last Name/EMAIL leads to sql injection. It is...

PT-2026-43217

Twitter-Clone 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the name parameter. Attackers can submit crafted payloads to the search.php endpoint to extract database information including username...

PT-2026-43089

A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92abf2d224d46a0a203. Affected by this issue is the function confirm logged in of the file /studentdel.php. The manipulation of the argument ID results in sql injection. The attack may be launched...

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the AddressRepository::getSqlQuery method that constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore...

Exploit for CVE-2025-13673

CVE-2025-13673 — Tutor LMS SQL Injection Lab Unauthenticated...

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

CMS Made Simple CVE-2019-9053 Exploit Python 3 Python 3 com...

CVE-2026-9383

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

CVE-2026-9383

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

EUVD-2026-31595

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

CVE-2026-9383 itsourcecode Electronic Judging System login.php sql injection

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

CVE-2026-9383

The CVE affects itsourcecode Electronic Judging System 1.0. The vulnerability exists in /intrams/admin/login.php where manipulation of the Username parameter enables SQL injection. This allows remote exploitation, as stated. The exploit is public. No additional remediation details are provided in...

WordPress MasterStudy LMS plugin <= 3.7.29 - SQL Injection vulnerability

SQL Injection vulnerability discovered by walow in WordPress Plugin MasterStudy LMS versions = 3.7.29...

CVE-2026-9364 projectworlds Online Art Gallery Shop adminHome.php sql injection

A flaw has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is an unknown function of the file /admin/adminHome.php. Executing a manipulation of the argument sociallinked can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be use...

CVE-2026-9364 projectworlds Online Art Gallery Shop adminHome.php sql injection

A flaw has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is an unknown function of the file /admin/adminHome.php. Executing a manipulation of the argument sociallinked can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be use...

CVE-2026-9364

A flaw has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is an unknown function of the file /admin/adminHome.php. Executing a manipulation of the argument sociallinked can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be use...

CVE-2026-9364

Affected software: projectworlds Online Art Gallery Shop 1.0. Vulnerability: SQL injection in /admin/adminHome.php via the social_linked argument due to unsafe handling. Impact: remote exploitation with potential impact on confidentiality, integrity, and availability. Exploit status: exploit publ...

CVE-2026-9356

A vulnerability has been found in SourceCodester Hospitals Patient Records Management System 1.0. This affects an unknown function of the file /admin/patients/managehistory.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has...

OSWE-Notes

OSWE Exploit Helpers Helper modules for writing OSWE exploit...