PT-2025-47104

Name of the Vulnerable Software and Affected Versions itsourcecode Inventory Management System version 1.0 Description A security issue has been identified in itsourcecode Inventory Management System version 1.0. The issue involves a SQL injection vulnerability present in an unknown function with...

PT-2025-47582

Name of the Vulnerable Software and Affected Versions phpPgAdmin versions 7.13.0 and earlier Description phpPgAdmin versions 7.13.0 and earlier contain a SQL injection issue in the dataexport.php file at line 118. The application directly executes user-supplied SQL queries from the $ REQUEST'quer...

PT-2025-47138

Name of the Vulnerable Software and Affected Versions g33kyrash Online-Banking-System affected versions not specified Description A SQL injection issue exists due to the manipulation of the Username argument. The issue affects unknown code within the /index.php file and is remotely exploitable. T...

PT-2025-47134

Name of the Vulnerable Software and Affected Versions Campcodes School Fees Payment Management System version 1.0 Description A flaw exists in Campcodes School Fees Payment Management System 1.0 that allows for remote SQL injection. The issue is located in the /manage course.php file, specificall...

PT-2025-47209

Name of the Vulnerable Software and Affected Versions code-projects Courier Management System version 1.0 Description A flaw exists in code-projects Courier Management System 1.0 that allows for remote code execution. The issue is located in the file /add-new-officer.php. Manipulation of the...

CVE-2025-13248

CVE-2025-13248 affects SourceCodester Patients Waiting Area Queue Management System 1.0. The vulnerability is a SQL injection in an unknown function of the file /php/api_patient_schedule.php caused by manipulating the argument appointmentID . This can be triggered remotely and, per sources, the e...

CVE-2025-13235

Mode C: This CVE concerns itsourcecode Inventory Management System 1.0. The vulnerability exists in the /admin/login.php file, where manipulating the user_email parameter can trigger SQL injection. It is exploitable remotely and has publicly disclosed exploits. Connected documents corroborate a S...

PT-2025-47076

Name of the Vulnerable Software and Affected Versions code-projects Student Information System version 2.0 Description A flaw exists in code-projects Student Information System 2.0, affecting unknown code within the /index.php file. Manipulation of the Username argument can lead to SQL injection,...

Code-Projects Student Information System SQL注入漏洞

Student Information System is a student information system. Student Information System is vulnerable to a SQL injection vulnerability that originates from the /editprofile.php file not effectively filtering user input. No details of the vulnerability are available at this time...

DataX-Web SQL注入漏洞

DataX-Web is a distributed data synchronization tool developed on top of DataX by WeiYe's individual developers. A SQL injection vulnerability exists in DataX-Web 2.1.2 and earlier versions, which stems from a misbehavior of an unknown function and could lead to a SQL injection attack...

CVE-2025-13201

The CVE-2025-13201 entry concerns Code-projects’ Simple Cafe Ordering System 1.0. A SQL injection vulnerability exists in the login.php file, arising from improper handling of the Username parameter. The issue can be exploited remotely, and an exploit is publicly available. Affected component: lo...

CVE-2024-44640

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php...

EUVD-2025-197644

An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vuccdetailsajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL...

EUVD-2025-197631

SQL injection SQL-i vulnerability in SVX Portal 2.7A via crafted POST request to admin/updatesetings.php...

CVE-2024-44636

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the adminname and aemailid parameters in /admin-profile.php...

CVE-2025-12620

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to generic SQL Injection via the ‘filterbyauthor’ parameter in all versions up to, and including, 6.0.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on...

SVXportal 安全漏洞

SVXportal is a portal for Peter's individual developers. A security vulnerability exists in SVXportal version 2.7A, which stems from a specially crafted POST request to admin/updatesetings.php that could lead to SQL injection...

CodeAstro Gym Management System SQL注入漏洞

Gym Management System is a gym management system from SourceCodester. A SQL injection vulnerability exists in version 1.0 of the Gym Management System, which stems from incorrect manipulation of the parameter ID in the file /admin/view-member-report.php, which could lead to a SQL injection attack...

ZOHO ManageEngine Analytics Plus SQL Injection Vulnerability

ZOHO ManageEngine Analytics Plus is a self-service IT analytics solution from ZOHO. Get a better view of your IT data with rich visualizations and dashboards. A SQL injection vulnerability exists in ZOHO ManageEngine Analytics Plus. An attacker can use this vulnerability to view, add, modify, or...

Code-Projects Simple Online Hotel Reservation System 安全漏洞

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that stems from the /addqueryreserve.php file failing to effectively filter the roomid parameter. No details of the vulnerability a...