CVE-2025-11115

CVE-2025-11115 affects Code-Projects Simple Scheduling System 1.0, with the flaw located in addtime.php where manipulating starttime/endtime triggers SQL injection. Remote exploitation is possible and public exploits have been disclosed. Multiple sources (NVD/NVDC/CNVD/Red Hat feed) corroborate t...

CVE-2025-11114 CodeAstro Online Leave Application leaveAplicationForm.php sql injection

A flaw has been found in CodeAstro Online Leave Application 1.0. Affected by this vulnerability is an unknown functionality of the file /leaveAplicationForm.php. Executing manipulation of the argument absence can lead to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-11113

CVE-2025-11113 affects CodeAstro Online Leave Application 1.0. The vulnerability is in /signup.php, where manipulating the city parameter results in SQL injection. The attack can be performed remotely and public exploits are known. Other parameters may also be affected. Several connected sources ...

CVE-2025-11109 Campcodes Computer Sales and Inventory System us_edit.php sql injection

A vulnerability was identified in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/usedit.php?action=edit. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is...

CVE-2025-11102

A weakness has been identified in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /admin/editcontent.php. Executing manipulation of the argument Title can lead to sql injection. The attack can be launched remotely. The exploit has been made available t...

CVE-2025-11101 itsourcecode Open Source Job Portal index.php sql injection

A security flaw has been discovered in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/company/index.php?view=edit. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has bee...

CampCodes Advanced Online Voting Management System SQL注入漏洞

CampCodes Advanced Online Voting Management System is an advanced online voting management system from CampCodes Philippines, Inc. A SQL injection vulnerability exists in CampCodes Advanced Online Voting Management System version 1.0, which stems from incorrect manipulation of the parameter ID in...

PT-2025-39773

Name of the Vulnerable Software and Affected Versions code-projects Simple Scheduling System version 1.0 Description A flaw exists in code-projects Simple Scheduling System 1.0, specifically within the /schedulingsystem/addsubject.php file. Manipulation of the subcode argument can lead to SQL...

CampCodes Online Learning Management System SQL注入漏洞

CampCodes Online Learning Management System is an online learning management system from CampCodes Philippines, Inc. A SQL injection vulnerability exists in CampCodes Online Learning Management System version 1.0, which stems from an incorrect manipulation of the parameter schoolyear in the file...

PT-2025-39782

Name of the Vulnerable Software and Affected Versions Campcodes Advanced Online Voting Management System version 1.0 Description A flaw exists in Campcodes Advanced Online Voting Management System version 1.0. The issue involves the manipulation of the ID argument within the file /admin/candidate...

PT-2025-39775

Name of the Vulnerable Software and Affected Versions code-projects Simple Scheduling System version 1.0 Description A flaw exists in the processing of the /schedulingsystem/addcourse.php file. Manipulation of the corcode argument can lead to SQL injection. This issue is remotely exploitable and...

PT-2025-39763

Name of the Vulnerable Software and Affected Versions itsourcecode Open Source Job Portal version 1.0 Description A security flaw exists in itsourcecode Open Source Job Portal version 1.0 that allows for SQL injection. The issue is triggered by manipulating the ID argument in the file...

CVE-2025-11075

A vulnerability has been found in Campcodes Online Learning Management System 1.0. This affects an unknown function of the file /admin/deactivate.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and...

CVE-2025-11033

A vulnerability has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Impacted is an unknown function of the file /Profilers/PriProfile/COUNT3s7.php. The manipulation of the argument cbe leads to sql injection. It is possible to initiate the attack remotel...

CVE-2025-11071

SeaCMS 13.3.20250820 is affected by a SQL injection in the Cron Task Management module via /admin_cron.php, caused by manipulation of the resourcefrom/collectID parameter. The vulnerability can be triggered remotely and exploited after the public disclosure of the exploit. The provided documents ...

CVE-2025-11063

A vulnerability was identified in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /admin/editdepartment.php. The manipulation of the argument d leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly...

CVE-2025-11061

A vulnerability was found in Campcodes Online Learning Management System 1.0. This affects an unknown part of the file /admin/editstudent.php. Performing manipulation of the argument cys results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public...

CVE-2025-11053 PHPGurukul Small CRM forgot-password.php sql injection

A weakness has been identified in PHPGurukul Small CRM 4.0. This affects an unknown function of the file /forgot-password.php. Executing manipulation of the argument email can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could b...

PT-2025-39724

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description A SQL injection issue exists in SourceCodester Pet Grooming Management Software version 1.0. The issue is located in the file /admin/print inv.php. Manipulation of the ID...

Projectworlds Online Shopping System SQL注入漏洞

Projectworlds Online Shopping System is an online shopping system from the Austrian company Projectworlds. A SQL injection vulnerability exists in Projectworlds Online Shopping System version 1.0, which stems from a misuse of the parameter ID in the file /store/cartadd.php, which could lead to a...