CVE-2025-5404

CVE-2025-5404 affects chaitak-gorai Blogbook, specifically the GET Parameter Handler in /search.php where manipulating the Search argument leads to a denial of service. The initial and multiple accompanying sources (NVD, Red Hat, CVE List, Vulners enrichments) identify this as a publicly disclose...

CVE-2024-4072

A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. It has been classified as problematic. Affected is an unknown function of the file search.php. The manipulation of the argument txtSearch leads to cross site scripting. It is possible to launch the attack...

CVE-2023-3945

A vulnerability was found in phpscriptpoint Lawyer 1.6. It has been classified as problematic. This affects an unknown part of the file search.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-235401 was assigned to this...

CVE-2023-3858

A vulnerability has been found in phpscriptpoint Car Listing 1.6 and classified as problematic. This vulnerability affects unknown code of the file /search.php. The manipulation of the argument country/state/city leads to cross site scripting. The attack can be initiated remotely. VDB-235210 is t...

CVE-2023-33734

BlueCMS v1.6 was discovered to contain a SQL injection vulnerability via the keywords parameter at search.php...

CVE-2022-48120

SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693ef8fd9aa10a8d17f79fad9bd on March 13, 2021, allows attackers to execute arbitrary commands via the contact and doctor parameters to /search.php...

CVE-2022-43369

AutoTaxi Stand Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component search.php...

CVE-2022-29650

Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the Search parameter at /online-food-order/food-search.php...

CVE-2020-29280

The Victor CMS v1.0 application is vulnerable to SQL injection via the 'search' parameter on the search.php page...

CVE-2020-18263

PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via the search parameter. This vulnerability allows attackers to access sensitive database information...

CVE-2018-11470

iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel...

CVE-2007-10001

A vulnerability classified as problematic has been found in web-cyradm. This affects an unknown part of the file search.php. The manipulation of the argument searchstring leads to sql injection. It is recommended to apply a patch to fix this issue. The identifier VDB-217449 was assigned to this...

Cyber Cafe Management System search.php File SQL Injection Vulnerability

Cyber Cafe Management System is an internet cafe management system. Cyber Cafe Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter searchdata in the file /search.php. An attacker can exploit this...

CVE-2025-4778 PHPGurukul Park Ticketing Management System normal-search.php sql injection

A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been declared as critical. This vulnerability affects unknown code of the file /normal-search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-4778

The CVE-2025-4778 entry concerns PHPGurukul Park Ticketing Management System 2.0. It affects the /normal-search.php file where the searchdata parameter can be manipulated to trigger an SQL injection, allowing remote exploitation. Public disclosure is noted. Connected sources consistently describe...

CVE-2025-4696

A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched...

SourceCodester Best Online News Portal 注入漏洞

SourceCodester Best Online News Portal is a SourceCodester open source best online news portal. An injection vulnerability exists in version 1.0 of SourceCodester Best Online News Portal, which stems from SQL injection due to incorrect manipulation of the searchtitle parameter in file /search.php...

PT-2025-21584 · Unknown · Sourcecodester Best Online News Portal

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Online News Portal version 1.0 Description: A critical issue has been found, affecting an unknown function of the file /search.php. The manipulation of the searchtitle argument leads to SQL injection. This issue can be...

PT-2025-21278

Name of the Vulnerable Software and Affected Versions: PHPGurukul Cyber Cafe Management System version 1.0 Description: A critical vulnerability was found in the PHPGurukul Cyber Cafe Management System. The issue affects an unknown functionality of the file /search.php. The manipulation of the...

CVE-2025-4262 PHPGurukul Online DJ Booking Management System user-search.php sql injection

A vulnerability was found in PHPGurukul Online DJ Booking Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/user-search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely...