216432 matches found
PT-2026-33690
A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument bus id leads to sql...
CVE-2026-39109
SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page index.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve sensitive database...
CVE-2026-39110
The CVE-2026-39110 entry concerns the Apartment Visitors Management System (Version 1.1). A SQL Injection flaw exists in the forgot-password.php page, specifically in the contactno parameter, allowing an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...
PHPGurukul Apartment Visitors Management System 安全漏洞
PHPGurukul Apartment Visitors Management System is an apartment visitor management system developed by PHPGurukul Corporation. Version V1.1 of the PHPGurukul Apartment Visitors Management System contains a security vulnerability. This vulnerability stems from an SQL injection issue with the email...
CVE-2026-39110
SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...
PHPGurukul Apartment Visitors Management System 安全漏洞
PHPGurukul Apartment Visitors Management System is an apartment visitor management system developed by PHPGurukul Corporation. Version V1.1 of the PHPGurukul Apartment Visitors Management System has a security vulnerability. This vulnerability stems from an SQL injection issue with the contactno...
School Management System 安全漏洞
School Management System is a school management system developed by ManiKandan G, based on PHP and MySQL. There is a security vulnerability in School Management System, which stems from incorrect handling of the busid parameter in the buslocation.php file, potentially leading to SQL injection...
PHPGurukul Apartment Visitors Management System 安全漏洞
PHPGurukul Apartment Visitors Management System is an apartment visitor management system developed by PHPGurukul Corporation. The PHPGurukul Apartment Visitors Management System V1.1 version has a security vulnerability. This vulnerability stems from an SQL injection issue with the username...
CVE-2026-39111
SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data...
CVE-2026-39111
SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data...
Portswigger_SQLI_LABs_code_review
PortSwigger SQL Injection Labs — Local Docker Recreations Sel...
EUVD-2026-23688
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...
CVE-2026-6562
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...
CVE-2026-6562
CVE-2026-6562 affects dameng100 muucmf 1.9.5.20260309. The vulnerable component is getListByPage in /index/Search/index.html. Manipulating the keyword argument enables SQL injection from remote, with exploit published. Vendor was contacted but did not respond.
CVE-2026-6562 dameng100 muucmf index.html getListByPage sql injection
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...
CVE-2026-6562 dameng100 muucmf index.html getListByPage sql injection
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...
CVE-2026-6562
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...
PT-2026-33620
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...
PT-2026-33643
Name of the Vulnerable Software and Affected Versions Apache Doris MCP Server versions prior to 0.6.1 Description An improper neutralization flaw in query context handling within the MCP query execution interface may allow the execution of unintended SQL statements. This can lead to the bypass of...
tachyon
Tachyon Tachyon is a Go-based command-line web vulnerability...