
5725 matches found

Positive Technologies
added 2025/09/23 12:0 a.m. | 6 views

PT-2025-39108

Name of the Vulnerable Software and Affected Versions: 1000projects Bookstore Management System version 1.0. Description: A flaw exists in 1000projects Bookstore Management System version 1.0 related to the manipulation of the unm argument in the /login.php file, leading to a SQL injection. This iss...

9.8 CVSS | 7.5 AI score | 0.00387 EPSS
Exploits 1 | References 7

Positive Technologies
added 2025/09/23 12:0 a.m. | 5 views

PT-2025-39116

Name of the Vulnerable Software and Affected Versions: SourceCodester Pet Grooming Management Software version 1.0. Description: A security flaw exists in SourceCodester Pet Grooming Management Software version 1.0. The issue involves SQL injection stemming from manipulation of the ID argument withi...

8.8 CVSS | 6.5 AI score | 0.00437 EPSS
Exploits 1 | References 8

Redos
added 2025/09/23 12:0 a.m. | 4 views

ROS-20250923-23

A vulnerability in the Zabbix universal monitoring system is related to insufficient sanitization of user data transmitted via the "Visible name" field during automatic host deletion. Exploitation of the vulnerability could allow a...

7.5 CVSS | 8 AI score | 0.01188 EPSS
Exploits 0

Vulnrichment
added 2025/09/22 10:2 p.m. | 3 views

CVE-2025-10817 Campcodes Online Learning Management System admin_user.php sql injection

A weakness has been identified in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/adminuser.php. Executing manipulation of the argument firstname can lead to sql injection. The attack may be launched remotely. The exploit has been made...

7.5 CVSS | 6.9 AI score | 0.00384 EPSS
Exploits 1 | References 5

Cvelist
added 2025/09/22 10:2 p.m. | 10 views

CVE-2025-10817 Campcodes Online Learning Management System admin_user.php sql injection

A weakness has been identified in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/adminuser.php. Executing manipulation of the argument firstname can lead to sql injection. The attack may be launched remotely. The exploit has been made...

7.5 CVSS | 0.00384 EPSS
Exploits 1 | References 5

Veracode
added 2025/09/22 7:39 a.m. | 7 views

SQL Injection

github.com/suyuan32/simple-admin-core is vulnerable to SQL Injection. The vulnerability is due to insufficient input validation because the /sys-api/role/update interface fails to properly sanitize user input, allowing partial data leakage or disruption of system operations...

7 CVSS | 7.4 AI score | 0.00248 EPSS
Exploits 1 | References 4 | Affected Software 1

NVD
added 2025/09/22 6:15 a.m. | 4 views

CVE-2025-10785

A vulnerability was detected in Campcodes Grocery Sales and Inventory System 1.0. This affects an unknown part of the file /manageuser.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

9.8 CVSS | 0.00521 EPSS
Exploits 1 | References 7

CVE
added 2025/09/22 4:2 a.m. | 20 views

CVE-2025-10781

CVE-2025-10781 affects Campcodes Online Learning Management System 1.0. The vulnerability is in the file /admin/edit_class.php, where manipulation of the parameter named class_name enables a SQL injection. The description states the attack can be executed remotely and the exploit is publicly avai...

9.8 CVSS | 7.3 AI score | 0.00387 EPSS
Exploits 1 | References 5 | Affected Software 1

Vulnrichment
added 2025/09/22 12:0 a.m. | 4 views

CVE-2025-56074

A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...

8.2 AI score | 0.00445 EPSS
Exploits 1 | References 1

CNNVD
added 2025/09/22 12:0 a.m. | 3 views

Campcodes Online Learning Management System SQL Injection Vulnerability

CampCodes Online Learning Management System is an online learning management system from CampCodes Philippines, Inc. A SQL injection vulnerability exists in Campcodes Online Learning Management System version 1.0, which stems from an incorrect manipulation of the parameter subjectcode in the file...

9.8 CVSS | 7.8 AI score | 0.00505 EPSS
Exploits 1 | References 5

Positive Technologies
added 2025/09/22 12:0 a.m. | 4 views

PT-2025-39084

Name of the Vulnerable Software and Affected Versions: Campcodes Online Learning Management System version 1.0. Description: A weakness exists in Campcodes Online Learning Management System. Manipulation of the firstname argument in the /admin/admin user.php file can lead to SQL injection. The attac...

9.8 CVSS | 6.8 AI score | 0.00384 EPSS
Exploits 1 | References 10

CNNVD
added 2025/09/22 12:0 a.m. | 2 views

CampCodes Online Learning Management System SQL Injection Vulnerability

CampCodes Online Learning Management System is an online learning management system from CampCodes Philippines, Inc. A SQL injection vulnerability exists in Campcodes Online Learning Management System version 1.0, which stems from an incorrect manipulation of the parameter firstname in the file...

9.8 CVSS | 7.8 AI score | 0.00629 EPSS
Exploits 1 | References 6

Positive Technologies
added 2025/09/22 12:0 a.m. | 7 views

PT-2025-38746

Name of the Vulnerable Software and Affected Versions: Campcodes Online Beauty Parlor Management System version 1.0. Description: A security issue exists in Campcodes Online Beauty Parlor Management System 1.0. The issue involves potential SQL injection due to manipulation of the fromdate/todate...

8.8 CVSS | 6.4 AI score | 0.00351 EPSS
Exploits 1 | References 7

RedhatCVE
added 2025/09/20 3:28 p.m. | 6 views

CVE-2025-10673

A vulnerability was determined in itsourcecode Student Information Management System 1.0. The impacted element is an unknown function of the file /admin/modules/class/index.php. This manipulation of the argument classId causes sql injection. The attack may be initiated remotely. The exploit has...

9.8 CVSS | 7 AI score | 0.00543 EPSS
Exploits 1 | References 1

RedhatCVE
added 2025/09/20 12:32 p.m. | 8 views

CVE-2024-13151

Authorization Bypass Through User-Controlled SQL Primary Key, CWE - 89 - Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Logo Software Diva allows SQL Injection, CAPEC - 7 - Blind SQL Injection. This issue affects Diva: through 4.56.00.00...

10 CVSS | 7.7 AI score | 0.0034 EPSS
Exploits 0 | References 1

Cvelist
added 2025/09/20 1:53 a.m. | 9 views

CVE-2025-10652 Robcore Netatmo <= 1.7 - Authenticated (Contributor+) SQL Injection via robcore-netatmo Shortcode

The Robcore Netatmo plugin for WordPress is vulnerable to SQL Injection via the ‘moduleid’ attribute of the robcore-netatmo shortcode in all versions up to, and including, 1.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

6.5 CVSS | 0.00278 EPSS
Exploits 0 | References 3

CNNVD
added 2025/09/20 12:0 a.m. | 3 views

WordPress plugin ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages SQL Injection Vulnerability

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin.... WordPress plugi...

4.9 CVSS | 7.6 AI score | 0.00276 EPSS
Exploits 0 | References 3

RedhatCVE
added 2025/09/19 11:32 p.m. | 12 views

CVE-2025-10624

A security flaw has been discovered in PHPGurukul User Management System 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument emailid results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and ma...

9.8 CVSS | 7.4 AI score | 0.00441 EPSS
Exploits 1 | References 1

RedhatCVE
added 2025/09/19 4:26 p.m. | 10 views

CVE-2025-10598

A vulnerability was identified in SourceCodester Pet Grooming Management Software 1.0. This issue affects some unknown processing of the file /admin/searchproduct.php. Such manipulation of the argument groupid leads to sql injection. The attack may be launched remotely. The exploit is publicly...

9.8 CVSS | 7.2 AI score | 0.00391 EPSS
Exploits 1 | References 1

CNVD
added 2025/09/19 12:0 a.m. | 3 views

Online Discussion Forum search_result.php File SQL Injection Vulnerability

Online Discussion Forum is an online forum. Online Discussion Forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /admin/adminforum/searchresult.php. An attacker can exploit this...

9.8 CVSS | 7.9 AI score | 0.00384 EPSS
Exploits 1 | References 1