216140 matches found
CVE-2026-11507 CodeAstro Leave Management System delete_leave_type.php sql injection
A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/deleteleavetype.php. The manipulation of the argument leavetype results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...
CVE-2026-11507 CodeAstro Leave Management System delete_leave_type.php sql injection
A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/deleteleavetype.php. The manipulation of the argument leavetype results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...
OWASP_Top10_Web_Pentest
🔓 Week 04 — Web Application Penetration Testing OWASP Top 10...
CVE-2026-11506
A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/searchstafffordeletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to t...
CVE-2026-11506 CodeAstro Leave Management System search_staff_for_deletion.php sql injection
A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/searchstafffordeletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to t...
CVE-2026-11506 CodeAstro Leave Management System search_staff_for_deletion.php sql injection
A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/searchstafffordeletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to t...
EUVD-2026-35042
A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/searchstafffordeletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to t...
CVE-2026-11506
CVE-2026-11506 affects CodeAstro Leave Management System 1.0. The vulnerability is an SQL injection in the file /admin/search_staff_for_deletion.php caused by manipulation of the Name parameter, enabling remote exploitation. Public exploit disclosure is noted. The connected records indicate this ...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx
FreePBX CVE-2025-57819 — Unauthenticated SQLi to Root RCE...
WordPress JetEngine plugin <= 3.8.9.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by daroo in WordPress Plugin JetEngine versions = 3.8.9.1...
WordPress The Events Calendar plugin 6.15.12-6.16.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by vtim in WordPress Plugin The Events Calendar versions 6.15.12-6.16.2...
WordPress wpDataTables plugin <= 7.3.6 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Bonds in WordPress Plugin wpDataTables versions = 7.3.6...
CVE-2026-11501 SourceCodester Hospitals Patient Records Management System Master.php save_patient sql injection
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /classes/Master.php?f=savepatient. The manipulation of the argument ID results in sql injection. It is possible to launch the attack...
CVE-2026-11501 SourceCodester Hospitals Patient Records Management System Master.php save_patient sql injection
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /classes/Master.php?f=savepatient. The manipulation of the argument ID results in sql injection. It is possible to launch the attack...
CVE-2026-11501
The CVE-2026-11501 entry concerns SourceCodester Hospitals Patient Records Management System 1.0. The flaw is a SQL injection in the handling of the ID parameter in /classes/Master.php?f=save_patient, enabling remote exploitation. The vulnerability stems from improper input handling in a server-s...
CVE-2026-11456
A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...
WordPress JetEngine plugin < 3.8.9.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Bonds in WordPress Plugin JetEngine versions 3.8.9.1...
Vuln2Action-Demo
Vuln2Action-Demo This repository contains the demo video for t...
CVE-2026-11495
A vulnerability was detected in CodeAstro Ingredients Stock Management System 1.0. This impacts an unknown function of the file /Ingredients-Stock/addstock.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be...
CVE-2026-11490
A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Frontend/Search.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...