5725 matches found
CVE-2025-10668
A security vulnerability has been detected in itsourcecode Online Discussion Forum 1.0. This affects an unknown part of the file /members/composemsgadmin.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...
CVE-2025-10670 itsourcecode E-Logbook with Health Monitoring System for COVID-19 check_profile.php sql injection
A flaw has been found in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This issue affects some unknown processing of the file /checkprofile.php. Executing manipulation of the argument profileid can lead to sql injection. It is possible to launch the attack remotely. The...
CVE-2025-10665 kidaze CourseSelectionSystem COUNT3s3.php sql injection
A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Affected is an unknown function of the file /Profilers/PProfile/COUNT3s3.php. The manipulation of the argument csem leads to sql injection. Remote exploitation of the attack is possible...
CVE-2025-10662
A vulnerability has been found in SeaCMS up to 13.3. The impacted element is an unknown function of the file /adminmembers.php?ac=editsave. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be use...
itsourcecode Online Discussion Forum SQL Injection Vulnerability
itsourcecode Online Discussion Forum is an online forum of itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Discussion Forum, which stems from incorrect manipulation of the parameter ID in the file /members/composemsg.php, which could lead to a...
Esbi Bilişim Auto Service Software Security Vulnerability
Esbi Bilişim Auto Service Software is an auto service software from Esbi Bilişim, Turkey. A security vulnerability exists in Esbi Bilişim Auto Service Software version 4.56.00.00 and prior versions, which originates from a user-controllable SQL primary key leading to an authorization bypass, whic...
SourceCodester Pet Grooming Management Software SQL Injection Vulnerability
SourceCodester Pet Grooming Management Software is a SourceCodester open source pet grooming management system. A SQL injection vulnerability exists in SourceCodester Pet Grooming Management Software version 1.0, which stems from an incorrect operation of the parameter instaamt in the file...
PT-2025-38475
Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description A SQL injection issue exists in SourceCodester Pet Grooming Management Software. The vulnerability is located in the file /admin/operation/paid.php. Manipulation of the...
SourceCodester Online Exam Form Submission Security Vulnerability
SourceCodester Online Exam Form Submission is a SourceCodester open source online exam submission system. A security vulnerability exists in SourceCodester Online Exam Form Submission version 1.0, which stems from an incorrect manipulation of the parameter credits in the file /admin/updates3.php,...
CVE-2025-10618 itsourcecode Online Clinic Management System transact.php sql injection
A security vulnerability has been detected in itsourcecode Online Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file transact.php. Such manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has...
CVE-2025-10601
A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. Affected is an unknown function of the file /admin/index.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...
CVE-2025-10602 SourceCodester Online Exam Form Submission delete_s1.php sql injection
A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/deletes1.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-10596 SourceCodester Online Exam Form Submission index.php sql injection
A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument usn results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2025-10439
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yordam Informatics Yordam Library Automation System allows SQL Injection. This issue affects Yordam Library Automation System: from 21.5 & 21.6 before 21.7...
CVE-2025-10421
A flaw has been found in SourceCodester Student Grading System 1.0. This vulnerability affects unknown code of the file /updateaccount.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
PHPGurukul Online Discussion Forum Security Vulnerability
Online Discussion Forum is an online forum. Online Discussion Forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /admin/editmember.php. An attacker can exploit this vulnerability to...
PT-2025-38154
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student File Management System version 1.0 Description: A SQL injection flaw exists in the /admin/delete student.php file due to manipulation of the stud id argument. This issue is remotely exploitable. The exploit has...
PT-2025-38144
Name of the Vulnerable Software and Affected Versions Yordam Informatics Yordam Library Automation System versions 21.5 through 21.6 Description The Yordam Library Automation System is susceptible to a SQL Injection issue due to improper neutralization of special elements used in an SQL command...
CVE-2025-10564 Campcodes Grocery Sales and Inventory System ajax.php sql injection
A vulnerability was found in Campcodes Grocery Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=deletecategory. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2024-13174
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E1 Informatics Web Application allows SQL Injection. This issue affects Web Application: through 20250916. NOTE: The vendor did not inform about the completion of the fixing process within the...