CVE-2025-11477 SourceCodester Wedding Reservation Management System global.php sql injection

A security flaw has been discovered in SourceCodester Wedding Reservation Management System 1.0. This vulnerability affects unknown code of the file /global.php. The manipulation of the argument User results in sql injection. The attack may be launched remotely. The exploit has been released to t...

CVE-2025-11477

Summary: CVE-2025-11477 affects SourceCodester Wedding Reservation Management System 1.0. The flaw occurs in /global.php where manipulation of the User parameter enables a SQL injection. The vulnerability can be exploited remotely and exploits have been released publicly. Multiple connected sourc...

CVE-2025-11476 SourceCodester Simple E-Commerce Bookstore index.php sql injection

A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument loginusername leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-11476 SourceCodester Simple E-Commerce Bookstore index.php sql injection

A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument loginusername leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-11474 SourceCodester Hotel and Lodge Management System edit_booking.php sql injection

A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbooking.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-11474

CVE-2025-11474 affects SourceCodester Hotel and Lodge Management System 1.0. The vulnerability lies in the /edit_booking.php functionality, where manipulation of the Name parameter enables a SQL injection. This is a remotely exploitable flaw with publicly available exploit details. Multiple sourc...

CVE-2025-11472

A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /editroom.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2025-11473

CVE-2025-11473 affects SourceCodester Hotel and Lodge Management System 1.0, with the vulnerable component in the file /edit_curr.php where improper handling of the currsymbol parameter enables SQL injection. The vulnerability is described as remotely exploitable, with public exploit information ...

CVE-2025-11472

CVE-2025-11472 affects SourceCodester Hotel and Lodge Management System 1.0. The vulnerability is a SQL injection in the /edit_room.php script caused by improper handling of the ID parameter, enabling remote exploitation. Exploit unreliable/unconfirmed details are not provided beyond the claim th...

CVE-2025-11472 SourceCodester Hotel and Lodge Management System edit_room.php sql injection

A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /editroom.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2025-11471 SourceCodester Hotel and Lodge Management System edit_customer.php sql injection

A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /editcustomer.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

CVE-2025-11471

The CVE-2025-11471 entry affects SourceCodester Hotel and Lodge Management System 1.0, specifically the file /edit_customer.php where manipulating the ID parameter enables SQL injection. Root cause: improper handling of user-supplied ID leads to a SQL injection vulnerability. Impact, as described...

CVE-2025-11469

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/savecustomer.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-11470

A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System up to 1.0. The impacted element is an unknown function of the file /managewebsite.php. The manipulation of the argument websiteimage/backloginimage leads to unrestricted upload. The attack is possible t...

CVE-2025-11470 SourceCodester Hotel and Lodge Management System manage_website.php unrestricted upload

A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System up to 1.0. The impacted element is an unknown function of the file /managewebsite.php. The manipulation of the argument websiteimage/backloginimage leads to unrestricted upload. The attack is possible t...

CVE-2025-11469 SourceCodester Hotel and Lodge Management System save_customer.php sql injection

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/savecustomer.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-11469 SourceCodester Hotel and Lodge Management System save_customer.php sql injection

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/savecustomer.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-11430

A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /cart.php. The manipulation of the argument remove results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2025-11430

A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /cart.php. The manipulation of the argument remove results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2025-11430 SourceCodester Simple E-Commerce Bookstore cart.php sql injection

A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /cart.php. The manipulation of the argument remove results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...