CVE-2026-36919

Sourcecodester Online Reviewer System v1.0 is vulnerale to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php...

CVE-2026-36920

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php...

CVE-2026-36941

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms/admin/rooms/manageroom.php...

CVE-2026-36919

Sourcecodester Online Reviewer System v1.0 is vulnerale to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php...

PT-2026-32390

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/view details.php...

SourceCodester Computer and Mobile Repair Shop Management system 安全漏洞

The SourceCodester Computer and Mobile Repair Shop Management system is a simple PHP project open source by SourceCodester. It provides a website that displays information about the store. This project also manages customers’ repair records; if their devices have been repaired or serviced,...

PT-2026-32387

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...

PT-2026-32284

A security vulnerability has been detected in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/UpdateVehicleFunction.php. The manipulation of the argument VEHICLE ID leads to sql injection. The attack may be initiated remotely. The...

CVE-2026-36922

Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/categories/viewcategory.php...

itsourcecode Construction Management System SQL注入漏洞

itsourcecode Construction Management System is an open-source construction management system developed by itsourcecode. Version 1.0 of the itsourcecode Construction Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “Name” in th...

Code-Projects Vehicle Showroom Management System SQL注入漏洞

The Code-Projects Vehicle Showroom Management System is an open-source vehicle exhibition hall management system developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from improper handling...

Code-Projects Vehicle Showroom Management System SQL注入漏洞

The Code-Projects Vehicle Showroom Management System is an open-source system for managing automobile showrooms developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from improper handling ...

PT-2026-32362

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/manage repair.php...

CVE-2026-36950

Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in /otas/projectsperdepartment.php...

PT-2026-32402

A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...

📄 Cockpit CMS 2.13.5 NoSQL Injection

Cockpit CMS version 2.13.5 is vulnerable to NoSQL operator injection on multiple API endpoints. User-supplied filter objects are forwarded to the Mongolite query engine without stripping MongoDB operators. Authenticated users can bypass intended query filters and perform boolean-based blind queri...

WordPress plugin Form Maker by 10Web 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

PT-2026-32448

Someone just found a way to dump your entire database with a single HTTP request. CVE-2026-6193: Critical SQL injection in PHPGurukul Daily Expense Tracker v1.1. No authentication. No special tools. Just a crafted URL parameter. Full attack chain breakdown → https://t.co/TeFM3nIkbP SQLInjection C...

Faculty Management System SQL注入漏洞

The Faculty Management System is an instructor management system developed by code-projects as open source. Version 1.0 of the Faculty Management System has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter ID in the file /subject-print.php, which ma...

PT-2026-32221

Name of the Vulnerable Software and Affected Versions Vehicle Showroom Management System version 1.0 Description A SQL injection issue exists in an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. Manipulating the BRANCH ID argument can trigger the injection. The attack...