CVE-2025-7191

A vulnerability has been found in code-projects Student Enrollment System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-47178

Improper neutralization of special elements used in an sql command 'sql injection' in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network...

Microsoft Configuration Manager SQL注入漏洞

Microsoft Configuration Manager is a Microsoft solution for managing computers and servers within an organization that helps IT departments keep software up to date, set configuration and security policies, and monitor system status. A SQL injection vulnerability exists in Microsoft Configuration...

Code-Projects Library System 注入漏洞

Library System is a library system. The Library System suffers from an SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter Search in the file /user/teacher/books.php. An attacker can exploit this vulnerability to execute...

CampCodes Sales and Inventory System 注入漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in Campcodes Sales and Inventory System version 1.0, which stems from improper manipulation of the parameter Customer in the file /pages/customeraccount.php, which could lea...

ABIS Adjutant Core Accounting ERP 安全漏洞

ABIS Adjutant Core Accounting ERP is an enterprise resource planning software system from ABIS Corporation. A security vulnerability exists in ABIS Adjutant Core Accounting ERP build v.PreBeta250F, which stems from the cid parameter in a GET request that is vulnerable to SQL injection attacks,...

Siemens SINEC NMS SQL注入漏洞

Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. A SQL injection vulnerability exists in Siemens SINEC NMS, which can ...

Quiter Gateway SQL注入漏洞

Quiter Gateway is an API interface from Quiter Spain. A SQL injection vulnerability exists in Quiter Gateway versions prior to 4.7.0, which stems from an SQL injection in the pagina.filter.categoria parameter, which could lead to database manipulation...

PHPGurukul Zoo Management System 注入漏洞

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /admin/manage-animals.php. An attacker can exploit this vulnerability...

Code-Projects Jonnys Liquor 注入漏洞

jonnys Liquor is a content and management system. jonnys Liquor suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /browse.php. An attacker can exploit this vulnerability to execute illeg...

Ivanti Endpoint Manager SQL注入漏洞

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to manage all endpoint devices in an enterprise network. Ivanti Endpoint Manager suffers from a SQL injection vulnerability that originates from improperly filtered submitted SQL statements, which can be...

Code-Projects Library System 注入漏洞

Library System is a library system. The Library System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in the file /add-teacher.php. An attacker can exploit this vulnerability to execute illega...

itsourcecode Employee Management System 安全漏洞

itsourcecode Employee Management System is a itsourcecode open source employee management system. A security vulnerability exists in itsourcecode Employee Management System 1.0 and earlier versions, which stems from improper handling of the parameter coursepg in the file...

CampCodes Advanced Online Voting System 注入漏洞

CampCodes Advanced Online Voting System is an advanced online voting system from CampCodes, Inc. An injection vulnerability exists in CampCodes Advanced Online Voting System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /admin/votersdelete.php, resulting in...

WordPress plugin iFrame Images Gallery SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

Car Rental System login.php File SQL Injection Vulnerability

Car Rental System is a car rental system. Car Rental System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uname in the file /login.php. An attacker can exploit this vulnerability to execute illegal SQL...

Simple Pizza Ordering System large.php file SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter ID of file /large.php. An attacker can exploit this vulnerability to...

Staff Audit System /search_index.php File SQL Injection Vulnerability

Staff Audit System is an employee audit system. Staff Audit System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /searchindex.php. An attacker can exploit this vulnerability to execut...

The vulnerability of the Documino automation platform for electronic document processing lies in the lack of measures taken to protect the SQL query structure, allowing attackers to enhance their privileges.

The vulnerability of the Documino automation platform for electronic document processing lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow attackers to enhance their privileges by sending specially crafted SQL queries...

CVE-2025-6908

A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/edit-services.php. The manipulation of the argument sertitle leads to sql injection. It is possible to launch the attack remotely. The...