PT-2026-32688

Name of the Vulnerable Software and Affected Versions FortiClientEMS versions 7.4.0 through 7.4.5 FortiClientEMS versions 7.2.0 through 7.2.12 FortiClientEMS version 7.0 Description Improper neutralization of special elements used in an SQL command, known as SQL injection, allows an attacker to...

SourceCodester Online Employees Work From Home Attendance System 安全漏洞

SourceCodester Online Employees Work From Home Attendance System is an open-source online employee remote work attendance system developed by SourceCodester. Version 1.0 of the SourceCodester Online Employees Work From Home Attendance System contains a security vulnerability. This vulnerability...

PT-2026-32694

A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...

PT-2026-32637

CVE-2026-37596 SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh attendance/admin/manage department.php. https://t.co/mauoyzh46T...

CVE-2026-37596

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/managedepartment.php...

CVE-2026-37594

CVE-2026-37594 affects SourceCodester Online Employees Work From Home Attendance System v1.0. The vulnerability is a SQL Injection in /wfh_attendance/admin/view_employee.php, caused by unsafe SQL handling in that file. The available data identifies the issue but does not provide exploitation deta...

CVE-2026-37597

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/attendance_list.php. The root cause is unsafe SQL query handling, enabling potential data leakage or modification. The CVSS metrics indicate a low severity (Base ...

CVE-2026-37602

SourceCodester Patient Appointment Scheduler System v1.0 is affected by a SQL Injection in /scheduler/admin/user/manage_user.php. The CVE reports a low-severity issue (CVSS v3.1: 2.7, LOW) with NETWORK attack vector, HIGH privileges required, and no user interaction. Impact is limited to confiden...

CVE-2026-37596

CVE-2026-37596 affects SourceCodester Online Employees Work From Home Attendance System v1.0. The vulnerability is a SQL Injection in the file /wfh_attendance/admin/manage_department.php. Documents confirm the affected product and vulnerable component, but do not provide remediation steps, exploi...

CVE-2026-37601

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage_appointment.php. The CVE notes a database-query flaw exploitable via that PHP endpoint, but no specific impact, affected version ranges beyond v1.0, or concrete...

CVE-2026-37590

CVE-2026-37590 affects SourceCodester Storage Unit Rental Management System v1.0. The vulnerability is a SQL Injection in /storage/admin/rents/manage_rent.php, with CVSS v3.1 stats indicating network access, low base score (2.7) and confidentiality impact low; integrity/availability unaffected pe...

CVE-2026-37591

CVE-2026-37591 affects Sourcecodester Storage Unit Rental Management System v1.0. The vulnerability is an SQL injection in the file /storage/admin/tenants/view_details.php, reported across multiple sources (NVD/EUVD/CVE listings). The available descriptions do not specify the root cause details b...

CVE-2026-37592

CVE-2026-37592 affects Sourcecodester Storage Unit Rental Management System v1.0. Multiple sources report a SQL injection in /storage/admin/maintenance/manage_pricing.php, indicating an input-related vulnerability in that PHP file. The CVSS metrics provided show a Low severity (base score 2.7) wi...

CVE-2026-37589

SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in /storage/admin/maintenance/manage_storage_unit.php. The CVE entry (CVE-2026-37589) is corroborated by multiple sources (NVD, ENISA EUVD, CVE List, AttackersKB, CVE enrichment) indicating a SQL injection fl...

SourceCodester Online Employees Work From Home Attendance System 安全漏洞

SourceCodester Online Employees Work From Home Attendance System is an open-source online employee remote work attendance system developed by SourceCodester. Version 1.0 of the SourceCodester Online Employees Work From Home Attendance System contains a security vulnerability. This vulnerability...

CVE-2026-37602

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manageuser.php...

CVE-2026-37590

SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/managerent.php...

CVE-2026-37594

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/viewemployee.php...

CVE-2026-37593

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/viewatt.php...

CVE-2025-65133

CVE-2025-65133 : A SQL injection vulnerability exists in the School Management System (version 1.0) by manikandan580. An unauthenticated or authenticated remote attacker can send a crafted HTTP request to the affected endpoint to manipulate SQL query logic and extract sensitive database informati...