Lucene search
K

216733 matches found

Cvelist
Cvelist
added 2026/03/25 12:32 a.m.31 views

CVE-2026-4783 itsourcecode College Management System Parameter add-single-student-results.php sql injection

A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...

6.5CVSS0.00196EPSS
Exploits0References5
CVE
CVE
added 2026/03/25 12:32 a.m.6 views

CVE-2026-4783

The CVE concerns itsourcecode College Management System 1.0. The vulnerability is in the Parameter Handler of the /admin/add-single-student-results.php file, where manipulating the course_code argument causes SQL injection. It can be exploited remotely and the exploit has been disclosed publicly....

6.5CVSS6.4AI score0.00196EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/25 12:31 a.m.9 views

EUVD-2026-15029

A security vulnerability has been detected in SourceCodester Sales and Inventory System 1.0. This issue affects some unknown processing of the file updatecustomerdetails.php of the component HTTP GET Parameter Handler. Such manipulation of the argument sid leads to sql injection. The attack can b...

6.5CVSS5.7AI score0.00361EPSS
Exploits1References6
EUVD
EUVD
added 2026/03/25 12:31 a.m.7 views

EUVD-2026-15031

A vulnerability was detected in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file updateoutstanding.php of the component HTTP GET Parameter Handler. Performing a manipulation of the argument sid results in sql injection. The attack is possible to be carrie...

6.5CVSS5.6AI score0.00295EPSS
Exploits1References6
EUVD
EUVD
added 2026/03/25 12:31 a.m.6 views

EUVD-2026-15026

A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file viewsupplier.php of the component POST Parameter Handler. The manipulation of the argument searchtxt results in sql injection. The attack may be launched remotely. The...

6.5CVSS5.7AI score0.00245EPSS
Exploits1References6
EUVD
EUVD
added 2026/03/25 12:31 a.m.6 views

EUVD-2026-15033

A flaw has been found in SourceCodester Sales and Inventory System 1.0. The affected element is an unknown function of the file updatepurchase.php of the component HTTP GET Parameter Handler. Executing a manipulation of the argument sid can lead to sql injection. The attack may be performed from...

6.5CVSS5.6AI score0.00295EPSS
Exploits1References6
NVD
NVD
added 2026/03/25 12:16 a.m.2 views

CVE-2026-4780

A vulnerability was detected in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file updateoutstanding.php of the component HTTP GET Parameter Handler. Performing a manipulation of the argument sid results in sql injection. The attack is possible to be carrie...

8.8CVSS0.00295EPSS
Exploits1References5
NVD
NVD
added 2026/03/25 12:16 a.m.4 views

CVE-2026-4781

A flaw has been found in SourceCodester Sales and Inventory System 1.0. The affected element is an unknown function of the file updatepurchase.php of the component HTTP GET Parameter Handler. Executing a manipulation of the argument sid can lead to sql injection. The attack may be performed from...

8.8CVSS0.00295EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.3 views

PT-2026-28140

Name of the Vulnerable Software and Affected Versions OpenEMR versions through 8.0.0.2 Description OpenEMR is an electronic health records and medical practice management application. Versions up to and including 8.0.0.2 contain a SQL injection issue in the patient selection feature. This is due ...

7.2CVSS5.8AI score0.00427EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.6 views

PT-2026-28030

Name of the Vulnerable Software and Affected Versions Miraculous Core Plugin versions prior to 2.1.2 Description The Miraculous Core Plugin contains a flaw due to improper neutralization of special elements within SQL commands, leading to a Blind SQL Injection condition. This allows for potential...

5.8AI score0.00253EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

SourceCodester Sales and Inventory System SQL注入漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the paramete...

8.8CVSS6.7AI score0.00295EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.5 views

PT-2026-27634

Name of the Vulnerable Software and Affected Versions itsourcecode College Management System version 1.0 Description A SQL injection issue exists in itsourcecode College Management System 1.0. The issue is located in the /admin/add-single-student-results.php file within the Parameter Handler...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.4 views

PT-2026-27925

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in King-Theme Lumise Product Designer lumise allows Blind SQL Injection.This issue affects Lumise Product Designer: from n/a through 2.0.9...

5.9AI score0.00283EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

WordPress plugin ChatBot SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

9.3CVSS5.9AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

WordPress plugin Miraculous Core Plugin SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.5CVSS5.9AI score0.00253EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

WordPress plugin Lumise Product Designer SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. Versions of...

9.3CVSS5.9AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

Code-Projects Simple Laundry System SQL注入漏洞

Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of the code-projects Simple Laundry System contains a SQL...

9.8CVSS7.2AI score0.00333EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

itsourcecode College Management System SQL注入漏洞

itsourcecode College Management System is an open-source university management system developed by itsourcecode. Version 1.0 of itsourcecode College Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter coursecode in the file...

6.5CVSS6.6AI score0.00196EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.5 views

PT-2026-28013

Name of the Vulnerable Software and Affected Versions QuantumCloud ChatBot versions through 7.7.9 Description A flaw exists in QuantumCloud ChatBot that allows for Blind SQL Injection due to improper neutralization of special elements used in an SQL command. This issue could potentially allow an...

9.3CVSS5.9AI score0.00283EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.10 views

n8n SQL注入漏洞

n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 2.14.1, 2.13.3, and 1.123.26 have a SQL injection vulnerability. This vulnerability stems from the Data Table Get node, which may lead to data modification or deletion...

8.8CVSS5.9AI score0.00423EPSS
Exploits0References2
Rows per page
Query Builder