PT-2025-34577

Name of the Vulnerable Software and Affected Versions: YiFang CMS versions up to 2.0.5 Description: A SQL injection issue exists in the file app/logic/L tool.php due to the manipulation of the new url argument. This issue may be exploited remotely. The vendor was contacted but did not respond...

CVE-2025-9025

A vulnerability was determined in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /portal.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

PHPGurukul Online Shopping Portal Project 注入漏洞

Online Shopping Portal Project is an online shopping portal project. A SQL injection vulnerability exists in Online Shopping Portal Project, which originates from the lack of validation of externally-entered SQL statements in the parameter emailid in the file /shopping/password-recovery.php. An...

Projectworlds Visitor Management System 注入漏洞

Visitor Management System is a visitor access management system. Visitor Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter rid in the file /visitorout.php. An attacker can exploit this...

CVE-2025-8953

A vulnerability was determined in SourceCodester COVID 19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /checkavailability.php. The manipulation of the argument employeeid leads to sql injection. The attack may be launched remotely. The exploit ha...

itsourcecode Online Tour and Travel Management System 注入漏洞

itsourcecode Online Tour and Travel Management System is a itsourcecode open source online tour and travel management system. An injection vulnerability exists in itsourcecode Online Tour and Travel Management System version 1.0, which is caused by incorrect manipulation of the parameter...

Online Appointment Booking System deletedoctorclinic.php File SQL Injection Vulnerability

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter clinic in the file /admin/deletedoctorclinic.ph...

XWiki Platform SQL注入漏洞

XWiki Platform is XWiki's open source suite of Wiki platforms for creating web collaboration applications. A SQL injection vulnerability exists in XWiki Platform versions 9.4-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2, which stems from a misbehavior of the parameter sort in...

CVE-2025-7933

A vulnerability classified as critical was found in Campcodes Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /pages/settingsupdate.php of the component Setting Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated...

CVE-2025-7765

A vulnerability classified as critical was found in code-projects Online Appointment Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addmanagerclinic.php. The manipulation of the argument clinic leads to sql injection. The attack can be launched...

CVE-2025-25257

An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execu...

PHPGurukul Vehicle Parking Management System 安全漏洞

Vehicle Parking Management System is a parking management system. Vehicle Parking Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter del in the file /admin/manage-category.php. An attacker...

Staff Audit System /search_index.php File SQL Injection Vulnerability

Staff Audit System is an employee audit system. Staff Audit System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /searchindex.php. An attacker can exploit this vulnerability to execut...

PHPGurukul Zoo Management System 注入漏洞

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /admin/manage-foreigners-ticket.php. An attacker can exploit this vulnerabili...

Simple Pizza Ordering System addmem.php File SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the file /addmem.php. An attacker can exploit this vulnerability to execute illegal...

Art Gallery Management System forgot-password.php File SQL Injection Vulnerability

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter email in the file /admin/forgot-password.php. An attacker c...

Code-Projects Simple Pizza Ordering System 注入漏洞

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the file /addmem.php. An attacker can exploit this vulnerability to execute illegal...

Hospital Management System 注入漏洞

Hospital Management System is a hospital management software by Pon Aravind Boominathan, an individual developer. An injection vulnerability exists in Hospital Management System version 1.0, which results from SQL injection due to incorrect manipulation of parameter username1 in file /func3.php...

Dairy Farm Shop Management System /add-product.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement for the parameter productname in the file...

SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Shenzhou Vision Han Technology Co., Ltd (CNVD-C-2025-321946)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...