Bus Reservation System SQL注入漏洞

Bus Reservation System is a PHPJabbers open source bus reservation system. A SQL injection vulnerability exists in Bus Reservation System version 1.1, which stems from a SQL injection in the pickupid parameter, and could lead to manipulation of database queries and theft of information...

ROS-20251215-7309

Elasticsearch search engine vulnerability related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending specially crafted SQL queries...

CVE-2025-14623

A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/updatestudent.php. This manipulation of the argument studid causes sql injection. The attack is possible to be carried out remotely. The exploit has be...

CVE-2025-14666

A weakness has been identified in itsourcecode COVID Tracking System 1.0. The affected element is an unknown function of the file /admin/?page=user. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been made...

CVE-2025-14661

A vulnerability has been found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the publ...

CVE-2025-14652 itsourcecode Online Cake Ordering System admindetail.php sql injection

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This issue affects some unknown processing of the file /admindetail.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and...

CVE-2025-14649 itsourcecode Online Cake Ordering System supplier.php sql injection

A vulnerability was detected in itsourcecode Online Cake Ordering System 1.0. Affected by this issue is some unknown functionality of the file /cakeshop/supplier.php. Performing manipulation of the argument supplier results in sql injection. The attack can be initiated remotely. The exploit is no...

CVE-2025-14649 itsourcecode Online Cake Ordering System supplier.php sql injection

A vulnerability was detected in itsourcecode Online Cake Ordering System 1.0. Affected by this issue is some unknown functionality of the file /cakeshop/supplier.php. Performing manipulation of the argument supplier results in sql injection. The attack can be initiated remotely. The exploit is no...

CVE-2025-14643

A vulnerability was found in code-projects Simple Attendance Record System 2.0. The affected element is an unknown function of the file /check.php. Performing manipulation of the argument student results in sql injection. Remote exploitation of the attack is possible. The exploit has been made...

CVE-2025-14644

CVE-2025-14644 affects itsourcecode Student Management System 1.0. The vulnerability is an SQL injection in the /update_subject.php file triggered by manipulating the ID parameter, exploitable remotely. Public exploits exist per sources, and multiple feeds (NVD, Red Hat, EUVD, CNNVD, CVE records)...

PT-2025-51148

Name of the Vulnerable Software and Affected Versions code-projects Student File Management System version 1.0 Description A flaw exists in the Student File Management System that allows for remote code execution. The issue is located in the file /admin/delete user.php and involves the manipulati...

CampCodes Supplier Management System SQL注入漏洞

CampCodes Supplier Management System is a supplier management system from CampCodes, Inc. A SQL injection vulnerability exists in CampCodes Supplier Management System version 1.0, which stems from an incorrect manipulation of the parameter chkId in the file /admin/viewunit.php, which could lead t...

itsourcecode Student Management System SQL注入漏洞

itsourcecode Student Management System is an open source student management system from itsourcecode. A SQL injection vulnerability exists in version 1.0 of itsourcecode Student Management System, which stems from incorrect manipulation of the parameter ID in the file /updatesubject.php, which...

PT-2025-51163

A vulnerability has been found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the publ...

CVE-2025-14578

A weakness has been identified in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /updateaccount.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available ...

EUVD-2025-203261

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

SQL Injection

LangGraph SQLite Checkpoint is vulnerable to SQL injection. The vulnerability is due to unsafe construction of SQL queries using unvalidated metadata filter keys, where attacker-controlled keys are interpolated directly into SQL f-strings in the checkpoint search logic, allowing manipulation of...

SQL Injection

llamaindex is vulnerable to SQL Injection. The vulnerability is due to unsafe construction of SQL queries without prepared statements in the duckdbretriever component, which allows an attacker to inject arbitrary SQL commands and execute malicious code...

SQL Injection

devcode-it/openstamanager is vulnerable to a SQL Injection. The vulnerability is due to improper validation of the display parameter in the API, which allows an attacker to inject and execute arbitrary SQL queries to access, modify, or delete database data...

SQL Injection

Apache Hive is vulnerable to SQL Injection. The vulnerability is due to improper handling of delete column statistics requests via Thrift APIs, which allows an authorized attacker to inject malicious SQL queries and manipulate backend database operations...