Company Visitor Management System /visitors-form.php File SQL Injection Vulnerability

Company Visitor Management System is a visitor management system. Company Visitor Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fullname in the file /visitors-form.php. An attacker c...

Campcodes Online Shopping Portal 注入漏洞

CampCodes Online Shopping Portal is an online shopping portal from CampCodes, Inc. Campcodes Online Shopping Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements for the parameter Category in the file /admin/category.php. An...

CVE-2025-4932

A vulnerability, which was classified as critical, has been found in projectworlds Online Lawyer Management System 1.0. Affected by this issue is some unknown functionality of the file /lawyerregistation.php. The manipulation of the argument email leads to sql injection. The attack may be launche...

WordPress plugin FAT Services Booking SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

WordPress plugin iCafe Library SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

WordPress plugin RSVPMarker SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

PHPGurukul Notice Board System 安全漏洞

Notice Board System is a bulletin board system. The Notice Board System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the Username parameter of file /login.php. The vulnerability can be exploited by an attacker to...

PHPGurukul Zoo Management System 安全漏洞

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter aname in the file /admin/edit-animal-details.php. An attacker can exploit this...

SourceCodester Apartment Visitor Management System 注入漏洞

SourceCodester Apartment Visitor Management System is a SourceCodester open source apartment visitor management system. SourceCodester Apartment Visitor Management System version 1.0 suffers from an injection vulnerability that originates from SQL injection due to the manipulation of the paramete...

Projectworlds Online Lawyer Management System 注入漏洞

Projectworlds Online Lawyer Management System is an online lawyer management system from Projectworlds India. An injection vulnerability exists in Projectworlds Online Lawyer Management System version 1.0, which originates from an operation in the file /savelawyereditprofile.php that results in S...

CVE-2025-4874

A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be launched remotely. The exploit ha...

Campcodes Sales and Inventory System 安全漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. Campcodes Sales and Inventory System suffers from a SQL injection vulnerability that stems from the mishandling of the ID parameter in the file /pages/transactionupdate.php, no details of the vulnerability a...

CodeAstro Pharmacy Management System 注入漏洞

CodeAstro Pharmacy Management System is a pharmacy management system from CodeAstro. An injection vulnerability exists in CodeAstro Pharmacy Management System version 1.0, which originates from an incorrect manipulation of the parameter Username in the file /index.php resulting in a SQL injection...

CampCodes Sales and Inventory System 注入漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. The CampCodes Sales and Inventory System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter prid in the file...

PHPGurukul Park Ticketing Management System 安全漏洞

Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in the parameter noadult/nochildren/aprice/cprice in the file...

PHPGurukul Online Course Registration 注入漏洞

Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter newstitle in the file /news.php. An attacker can exploit this...

PHPGurukul Online Course Registration 注入漏洞

Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cgpa in the file /edit-student-profile.php. An attacker can...

CampCodes Sales and Inventory System 注入漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. The CampCodes Sales and Inventory System suffers from a SQL injection vulnerability that stems from a lack of validation of the parameter ID in the file /pages/purchaseadd.php for externally entered SQL...

PHPGurukul Online Course Registration 注入漏洞

Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter level in the file /admin/level.php. An attacker can exploit...

The vulnerability of the API component of the Zabbix monitoring system allows a attacker to execute arbitrary commands.

The vulnerability of the API component of the Zabbix monitoring system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary commands by processing the groupBy parameter...