216715 matches found
CVE-2026-4841
A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file form/cart.php of the component Shopping Cart Module. Executing a manipulation of the argument del can lead to sql injection. The attack can be executed remotely. The exploit h...
EUVD-2026-16081
A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the file /myaccount/delete.php. Performing a manipulation of the argument cosid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public a...
CVE-2026-4836
A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the file /myaccount/delete.php. Performing a manipulation of the argument cosid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public a...
CVE-2026-4839
SourceCodester Food Ordering System 1.0 contains a SQL injection in the Parameter Handler within /purchase.php, triggered by manipulating the custom parameter. Affected component: unknown function in /purchase.php; root cause is improper handling of the custom argument leading to SQL injection. T...
CVE-2026-4839 SourceCodester Food Ordering System Parameter purchase.php sql injection
A vulnerability has been found in SourceCodester Food Ordering System 1.0. This affects an unknown function of the file /purchase.php of the component Parameter Handler. The manipulation of the argument custom leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2026-4839
A vulnerability has been found in SourceCodester Food Ordering System 1.0. This affects an unknown function of the file /purchase.php of the component Parameter Handler. The manipulation of the argument custom leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2026-4838 SourceCodester Malawi Online Market display.php sql injection
A flaw has been found in SourceCodester Malawi Online Market 1.0. The impacted element is an unknown function of the file /display.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be us...
CVE-2026-4838 SourceCodester Malawi Online Market display.php sql injection
A flaw has been found in SourceCodester Malawi Online Market 1.0. The impacted element is an unknown function of the file /display.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be us...
CVE-2026-4836 code-projects Accounting System delete.php sql injection
A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the file /myaccount/delete.php. Performing a manipulation of the argument cosid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public a...
CVE-2026-4836 code-projects Accounting System delete.php sql injection
A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the file /myaccount/delete.php. Performing a manipulation of the argument cosid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public a...
EUVD-2026-16054
A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /updatestock.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is...
CVE-2026-4826
A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /updatestock.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is...
CVE-2026-33917
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 contais a SQL injection vulnerability in the ajaxsave CAMOS form that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input...
Wecodex SAT CFDI SQL注入漏洞
Wecodex SAT CFDI is an electronic invoice generation and management system developed by Wecodex Corporation. Version 3.3 of Wecodex SAT CFDI contains a SQL injection vulnerability, which stems from insufficient input validation for the id parameter. This vulnerability may lead to SQL injection...
PT-2026-28244
Name of the Vulnerable Software and Affected Versions Online Quiz Maker version 1.0 Description Authenticated attackers can execute arbitrary SQL commands due to SQL injection flaws. By submitting malicious POST requests to the endpoints "quiz-system.php" or "add-category.php" using crafted...
CVE-2026-30463
Daylight Studio FuelCMS v1.5.2 was discovered to contain a SQL injection vulnerability via the /controllers/Login.php component...
itsourcecode Free Hotel Reservation System SQL注入漏洞
itsourcecode Free Hotel Reservation System is an open-source hotel reservation system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file admin/modamenities/index.php?view=editpic...
PT-2026-28197
A vulnerability has been found in SourceCodester Food Ordering System 1.0. This affects an unknown function of the file /purchase.php of the component Parameter Handler. The manipulation of the argument custom leads to sql injection. The attack can be initiated remotely. The exploit has been...
Mobile Security Framework SQL注入漏洞
Mobile Security Framework MobSF is an automated, integrated mobile application developed under the MobSF open-source framework. It is used for penetration testing, malware analysis, and security assessments, capable of performing both static and dynamic analyses. Prior to MobSF 4.4.6, there was a...
Openbiz PHP Framework SQL注入漏洞
Openbiz PHP Framework is an enterprise-level application development framework developed by jixian2003. Version 3.0.8 of Openbiz PHP Framework contains a SQL injection vulnerability. This vulnerability stems from insufficient input validation for the username parameter, which may lead to SQL...