CVE-2025-6901

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /phpaction/removeUser.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The exploi...

CVE-2025-6884

A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /searchindex.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has...

PHPGurukul Zoo Management System 注入漏洞

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /admin/manage-foreigners-ticket.php. An attacker can exploit this vulnerabili...

PHPGurukul Teachers Record Management System 注入漏洞

Teachers Record Management System is a teacher record management system. The Teachers Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter tid in the file /admin/changeimage.php. An...

Code-Projects Car Rental System 注入漏洞

Car Rental System is a car rental system. Car Rental System suffers from a SQL injection vulnerability that stems from the lack of validation of an externally entered SQL statement in the parameter carname in the file /admin/addcars.php. An attacker can use this vulnerability to execute illegal S...

Code-Projects Inventory Management System 注入漏洞

Inventory Management System is an inventory management system. Inventory Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the userid parameter in the file /phpaction/removeUser.php for externally entered SQL statements. An attacker can...

CVE-2025-6846

A vulnerability classified as critical has been found in code-projects Simple Forum 1.0. This affects an unknown part of the file /forumviewfile.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-6842

A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edituser.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

Code-Projects Simple Forum 注入漏洞

Simple forum is a simple forum. Simple forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Name in the file /forumviewfile.php. An attacker can exploit this vulnerability to execute illegal SQL commands...

Code-Projects Library System 注入漏洞

Library System is a library system. The Library System suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter reg in the file /student-issue-book.php. An attacker can exploit this vulnerability to execute illeg...

OWASP ESAPI 安全漏洞

OWASP ESAPI is a free, open source, Web application security control library from the OWASP Foundation in the United States that makes it easier for programmers to write lower-risk applications. A security vulnerability exists in OWASP ESAPI that stems from improper neutralization of special...

oa_system 注入漏洞

oasystem is a hailey individual developer's application for the day-to-day operation and management of organizations, used by employees and managers. An injection vulnerability exists in oasystem that originates from an external address book handler resulting in SQL injection...

Code-Projects Inventory Management System 注入漏洞

Inventory Management System is an inventory management system. The Inventory Management System suffers from a SQL injection vulnerability that originates in the /phpaction/createOrder.php file, which does not adequately filter user input. An attacker can exploit this vulnerability by remotely...

CVE-2025-39474

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ThemeMove Amely allows SQL Injection. This issue affects Amely: from n/a through 3.1.4...

Pre-School Enrollment System check_availability.php File SQL Injection Vulnerability

Pre-School Enrollment System is a web-based preschool enrollment system. The Pre-School Enrollment System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in the file /admin/checkavailability.ph...

Art Gallery Management System add-artist.php File SQL Injection Vulnerability

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter awfuldetails in the file /admin/add-artist.php. An attacker...

Simple Pizza Ordering System edituser.php File SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /edituser.php. An attacker can exploit this vulnerabili...

Simple Pizza Ordering System update.php File SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /update.php. An attacker can exploit this vulnerability...

Simple Pizza Ordering System addmem.php File SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the file /addmem.php. An attacker can exploit this vulnerability to execute illegal...

Student Record system Using PHP and MySQL SQL Injection Vulnerability

Student Record system Using PHP and MySQL is a student record system based on php and mysql. A SQL injection vulnerability exists in Student Record system Using PHP and MySQL, which stems from the lack of validation of externally entered SQL statements for variables $cshortname, $cfullname, and...