CVE-2025-15012

A vulnerability was determined in code-projects Refugee Food Management System 1.0. The affected element is an unknown function of the file /home/home.php. This manipulation of the argument a causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly...

CVE-2025-15012 code-projects Refugee Food Management System home.php sql injection

A vulnerability was determined in code-projects Refugee Food Management System 1.0. The affected element is an unknown function of the file /home/home.php. This manipulation of the argument a causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly...

PT-2025-52624

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A SQL injection issue exists due to manipulation of the a argument within an unknown function of the /home/home.php file. The attack can be carried out remotely. The exploit has been...

EUVD-2025-204664

A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing manipulation of the argument viewid results in sql injection. The attack may be initiated remotely. The exploit...

CVE-2025-46268

Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands...

CVE-2025-14959

A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available...

EUVD-2025-204588

A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available t...

CVE-2025-14950 code-projects Scholars Tracking System delete_post.php sql injection

A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /deletepost.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to t...

EUVD-2025-204435

A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /admin/userdelete.php of the component Administrator Endpoint. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. T...

EUVD-2025-204422

A vulnerability was identified in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /admin/useragentdelete.php of the component Administrator Endpoint. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit is...

Code-Projects Scholars Tracking System SQL注入漏洞

Code-Projects Scholars Tracking System is an open source scholars tracking system by Code-Projects. A SQL injection vulnerability exists in Code-Projects Scholars Tracking System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /deletepost.php, which could lead...

CodeAstro Real Estate Management System SQL注入漏洞

CodeAstro Real Estate Management System is a real estate management system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Real Estate Management System version 1.0, which stems from an incorrect operation of the file /admin/stateadd.php, which could lead to a SQL injection atta...

CVE-2025-68111

ChurchCRM is an open-source church management system. In versions prior to 6.5.3, a SQL injection vulnerability exists in the eGive.php file within the "ReImport" functionality. An authenticated user with finance privileges can execute arbitrary SQL queries by manipulating the MissingEgiveFamID...

CVE-2025-63948

A SQL Injection vulnerability exists in phpMsAdmin version 2.2 in the databasemode.php file. An attacker can execute arbitrary SQL commands via the dbname parameter, potentially leading to information disclosure or database manipulation...

CVE-2025-46268 Advantech WebAccess/SCADA SQL Injection

Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands...

CVE-2021-47711 Kentico Xperience <= 13.0.52 Online Marketing Macros SQL Injection

A SQL injection vulnerability in Kentico Xperience allows authenticated editors to inject malicious SQL queries via online marketing macro method parameters. This enables unauthorized database access and potential data manipulation by exploiting macro method input validation weaknesses...

EUVD-2025-204246

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Roxnor PopupKit popup-builder-block allows Blind SQL Injection.This issue affects PopupKit: from n/a through = 2.1.5...

PT-2025-52314

Name of the Vulnerable Software and Affected Versions WBiz Desk version 1.2 Description A SQL injection issue exists in WBiz Desk 1.2 that allows non-admin users to manipulate database queries. This is possible through the tk parameter within the 'ticket.php' file. Attackers can inject crafted SQ...

Simple Attendance Record System check.php File SQL Injection Vulnerability

Simple Attendance Record System is a simple attendance record system. Simple Attendance Record System suffers from a SQL injection vulnerability that originates from an unknown function in the /check.php file that mishandles the student parameter. An attacker can use this vulnerability to obtain ...

PT-2025-51999

Name of the Vulnerable Software and Affected Versions Roxnor PopupKit versions through 2.1.5 Description A flaw exists in Roxnor PopupKit’s popup-builder-block component that allows for Blind SQL Injection. This is due to improper neutralization of special elements used in an SQL command. The...