
66 matches found

Positive Technologies
added 2026/05/25 12:0 a.m. | 6 views

PT-2026-43034

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple POS and Inventory System version 1.0. Description: A remote SQL injection is possible due to improper manipulation of the Name argument within an unknown function in the '/user/search.php' endpoint. SQL injection is a type ...

CVSS 7.5 | AI score 7.1 | EPSS 0.00039
Exploits: 0 | References: 8

CNNVD
added 2026/05/25 12:0 a.m. | 4 views

SourceCodester Simple POS and Inventory System SQL injection vulnerability

SourceCodester Simple POS and Inventory System is an open-source simple POS and inventory system from SourceCodester. SourceCodester Simple POS and Inventory System version 1.0 suffers from a SQL injection vulnerability that originates from the manipulation of the parameter Name by an unknown function...

CVSS 7.5 | AI score 7.1 | EPSS 0.00039
Exploits: 0 | References: 6

SUSE CVE
added 2026/05/13 4:1 p.m. | 3 views

SUSE CVE-2017-11366

components/filemanager/class.filemanager.php in Codiad before 2.8.4 is vulnerable to remote command execution because shell commands can be embedded in parameter values, as demonstrated by searchfiletype...

CVSS 9.8 | AI score 7.4 | EPSS 0.34346
Exploits: 4 | References: 3

CNNVD
added 2026/04/14 12:0 a.m. | 4 views

school-management-system security vulnerability

School-Management-System is a school management system developed by Shubham Kumar, an individual developer. Version 1.0 of School-Management-System has a security vulnerability. This vulnerability stems from improper handling of the sitemname POST parameter in the file...

CVSS 9.8 | AI score 5.8 | EPSS 0.00044
Exploits: 1 | References: 1

ATTACKERKB
added 2026/04/05 9:0 a.m. | 1 views

CVE-2026-5554

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/processsearch.php of the component Parameter Handler. Performing a manipulation of the argument...

CVSS 7.5 | AI score 5.7 | EPSS 0.00043
Exploits: 0 | References: 5 | Affected Software: 1

Vulnrichment
added 2026/04/05 9:0 a.m. | 1 views

CVE-2026-5554 code-projects Concert Ticket Reservation System Parameter process_search.php sql injection

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/processsearch.php of the component Parameter Handler. Performing a manipulation of the argument...

CVSS 7.5 | AI score 6.8 | EPSS 0.00043
Exploits: 0 | References: 5

CNNVD
added 2026/04/05 12:0 a.m. | 3 views

Code-Projects Concert Ticket Reservation System SQL injection vulnerability

The Code-Projects Concert Ticket Reservation System is an open-source system for booking concert tickets. Version 1.0 of the Code-Projects Concert Ticket Reservation System has a SQL injection vulnerability. This vulnerability stems from incorrect operations with the parameter searching in the fi...

CVSS 7.5 | AI score 7.2 | EPSS 0.00043
Exploits: 0 | References: 5

Positive Technologies
added 2026/04/05 12:0 a.m. | 1 views

PT-2026-30424

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/process search.php of the component Parameter Handler. Performing a manipulation of the argument...

CVSS 7.5 | AI score 6.8 | EPSS 0.00043
Exploits: 0 | References: 6

Positive Technologies
added 2026/03/23 12:0 a.m. | 1 views

PT-2026-27269

A vulnerability was identified in SourceCodester Online Catering Reservation 1.0. Impacted is an unknown function of the file /search.php. Such manipulation of the argument rcode leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used...

CVSS 7.5 | AI score 7 | EPSS 0.00014
Exploits: 0 | References: 6

CVE
added 2026/02/25 8:2 a.m. | 7 views

CVE-2026-3170

CVE-2026-3170 affects SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0; vulnerability located in an unknown function of /patient-search.php. Manipulation of First Name/Last Name can trigger cross-site scripting, with remote attack capability and a public exploit refe...

CVSS 4.8 | AI score 3.9 | EPSS 0.00043
Exploits: 1 | References: 4 | Affected Software: 1

CNNVD
added 2026/02/20 12:0 a.m. | 3 views

LibreNMS SQL injection vulnerability

LibreNMS is an open-source network monitoring system developed by the LibreNMS community, based on PHP and MySQL. This system features custom alerts, automatic discovery of networks, and automatic updates. Versions of LibreNMS prior to 25.12.0 have a SQL injection vulnerability, which stems from...

CVSS 8.8 | AI score 5.9 | EPSS 0.00003
Exploits: 1 | References: 3

CVE
added 2026/01/02 9:2 a.m. | 8 views

CVE-2026-0546

Code-projects Content Management System 1.0 contains a SQL injection in search.php via manipulation of the Value parameter. This vulnerability can be exploited remotely and has publicly disclosed exploit information. Multiple connected sources (PT-2026-1061, Red Hat/CVE feed, NVD/CVE entry, CNNVD...

CVSS 9.8 | AI score 7.2 | EPSS 0.00006
Exploits: 1 | References: 5 | Affected Software: 1

Vulnrichment
added 2026/01/02 9:2 a.m. | 3 views

CVE-2026-0546 code-projects Content Management System search.php sql injection

A vulnerability was determined in code-projects Content Management System 1.0. This impacts an unknown function of the file search.php. This manipulation of the argument Value causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may ...

CVSS 7.5 | AI score 6.6 | EPSS 0.00006
Exploits: 1 | References: 5

Vulnrichment
added 2025/12/13 10:32 a.m. | 1 views

CVE-2025-14589 code-projects Prison Management System search.php sql injection

A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...

CVSS 6.5 | AI score 6.3 | EPSS 0.00027
Exploits: 1 | References: 5

OSV
added 2025/12/08 3:16 a.m. | 1 views

CVE-2025-14212

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 4

EUVD
added 2025/11/17 3:30 a.m. | 1 views

EUVD-2025-197737

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /booksearch.php. Performing manipulation of the argument bookpub/booktitle results in sql injection. It is possible to initiate the attack remotely...

CVSS 6.5 | AI score 6.6 | EPSS 0.00011
Exploits: 1 | References: 7

OSV
added 2025/11/17 1:15 a.m. | 1 views

CVE-2025-13255

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /booksearch.php. Performing a manipulation of the argument bookpub/booktitle results in sql injection. It is possible to initiate the attack remotely...

CVSS 8.8 | AI score 5.8
Exploits: 0 | References: 6

Positive Technologies
added 2025/11/17 12:0 a.m. | 3 views

PT-2025-47189

Name of the Vulnerable Software and Affected Versions: PHPGurukul Complaint Management System version 2.0. Description: The PHPGurukul Complaint Management System is affected by a Cross Site Scripting (XSS) issue. This issue occurs through the search parameter in the 'user-search.php' file. Successful...

CVSS 6.1 | AI score 6.2 | EPSS 0.00033
Exploits: 1 | References: 4

CNVD
added 2025/11/05 12:0 a.m. | 2 views

Revive Adserver admin-search.php file cross-site scripting vulnerability

Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms (e.g., websites, apps, video players) and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...

CVSS 6.3 | AI score 6.3 | EPSS 0.0001
Exploits: 1 | References: 1

Positive Technologies
added 2025/10/30 12:0 a.m. | 2 views

PT-2025-44559

Name of the Vulnerable Software and Affected Versions: Revive Adserver version 5.5.2. Description: A reflected Cross-Site Scripting (XSS) issue exists in Revive Adserver version 5.5.2. An attacker could potentially cause a user with access to the user interface of a Revive Adserver instance to execute...

CVSS 6.3 | AI score 5.9 | EPSS 0.0001
Exploits: 1 | References: 6