
5735 matches found

CNNVD
added 2025/05/15 12:0 a.m. | 2 views

CampCodes Sales and Inventory System injection vulnerability

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in version 1.0 of the CampCodes Sales and Inventory System, which stems from SQL injection due to incorrect manipulation of the parameter cid in the file...

CVSS 9.8 | AI score 7.8 | EPSS 0.00421
Exploits: 1 | References: 5
CNNVD
added 2025/05/15 12:0 a.m. | 2 views

WordPress plugin Melapress File Monitor security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 5.4 | AI score 6.3 | EPSS 0.00271
Exploits: 1 | References: 1
CNVD
added 2025/05/14 12:0 a.m. | 3 views

Cyber Cafe Management System adminprofile.php File SQL Injection Vulnerability

Cyber Cafe Management System is an internet cafe management system. Cyber Cafe Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter mobilenumber in the file /adminprofile.php. An attacker can...

CVSS 9.8 | AI score 8.3 | EPSS 0.00478
Exploits: 1 | References: 1
CNVD
added 2025/05/14 12:0 a.m. | 2 views

Curfew e-Pass Management System /admin/edit-pass-detail.php File SQL Injection Vulnerability

Curfew e-Pass Management System is an electronic pass management system. Curfew e-Pass Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter editid in the file /admin/edit-pass-detail.php. A...

CVSS 8.8 | AI score 8.3 | EPSS 0.00343
Exploits: 1 | References: 1
CNNVD
added 2025/05/13 12:0 a.m. | 3 views

Siemens Desigo CC access control error vulnerability

Siemens Desigo CC is an open building management platform from Siemens, Germany, used to produce comfortable, safe and efficient facilities. An access control error vulnerability exists in Siemens Desigo CC, which stems from the server application not validating a specific client request, which...

CVSS 8.7 | AI score 7.3 | EPSS 0.00469
Exploits: 0 | References: 1
Packet Storm
added 2025/05/12 12:0 a.m. | 87 views

Feng Office 3.5.1.5 SQL Injection

Feng Office version 3.5.1.5 suffers from a remote SQL injection vulnerability. Titles: fengoffice3.5.1.5 - SQLi Author: nu11secur1ty Date: 05/11/2025 Vendor: https://www.fengoffice.com/ Software: https://trials.fengoffice.com/register?edition=starter Reference:...

AI score 8.5
Exploits: 0
CNNVD
added 2025/05/12 12:0 a.m. | 2 views

NetVision Information ISOinsight security vulnerability

NetVision Information ISOinsight is an operations and maintenance management platform from China Zhengbang Information NetVision Information. A security vulnerability exists in NetVision Information ISOinsight, which stems from a SQL injection vulnerability that could lead to the execution of...

CVSS 9.8 | AI score 8.2 | EPSS 0.00457
Exploits: 0 | References: 2
CNNVD
added 2025/05/11 12:0 a.m. | 4 views

PHPGurukul Apartment Visitors Management System security vulnerability

Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a SQL injection vulnerability that originates from improper manipulation of the parameter fromdate/todate in the file /admin/bwdates-reports-details.php. An attacker c...

CVSS 9.8 | AI score 7.6 | EPSS 0.00415
Exploits: 1 | References: 2
CNNVD
added 2025/05/10 12:0 a.m. | 1 views

CampCodes Sales and Inventory System injection vulnerability

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in CampCodes Sales and Inventory System version 1.0, which stems from an incorrect manipulation of the file /pages/creditoradd.php resulting in SQL injection...

CVSS 9.8 | AI score 7.9 | EPSS 0.00415
Exploits: 1 | References: 6
OSV
added 2025/05/09 4:16 a.m. | 1 views

CVE-2025-4457

A vulnerability classified as critical was found in Project Worlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has be...

CVSS 9.8 | AI score 5.8 | EPSS 0.00751
Exploits: 1 | References: 4
CNNVD
added 2025/05/09 12:0 a.m. | 2 views

Projectworlds Student Project Allocation System injection vulnerability

Projectworlds Student Project Allocation System is a student project allocation system from Projectworlds India. Projectworlds Student Project Allocation System version 1.0 has an injection vulnerability that originates from SQL injection due to the operation of parameter PatBloodGroup1 in file...

CVSS 9.8 | AI score 7.8 | EPSS 0.00438
Exploits: 1 | References: 5
CNNVD
added 2025/05/09 12:0 a.m. | 3 views

CampCodes Online Food Ordering System injection vulnerability

CampCodes Online Food Ordering System is an online food ordering system from CampCodes, Inc. An injection vulnerability exists in version 1.0 of the CampCodes Online Food Ordering System, which originates from an SQL injection caused by the operation of parameter t1verified in file...

CVSS 9.8 | AI score 7.9 | EPSS 0.00547
Exploits: 1 | References: 6
CNNVD
added 2025/05/08 12:0 a.m. | 2 views

SLiMS 9 Bulian security vulnerability

SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version 9.6.1, which originates...

CVSS 6.5 | AI score 7.7 | EPSS 0.00268
Exploits: 1 | References: 2
OSV
added 2025/05/07 3:16 p.m. | 1 views

CVE-2025-47538

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpdever Cart tracking for WooCommerce allows SQL Injection. This issue affects Cart tracking for WooCommerce: from n/a through 1.0.17...

CVSS 7.2 | AI score 5.8
Exploits: 0 | References: 1
CNNVD
added 2025/05/07 12:0 a.m. | 2 views

WordPress plugin YaySMTP SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A SQL injection...

CVSS 7.6 | AI score 8.3 | EPSS 0.00355
Exploits: 0 | References: 1
CNNVD
added 2025/05/07 12:0 a.m. | 2 views

WeGIA SQL injection vulnerability

WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements, which can be exploited by an attacker to cause a data leak or complete database corruption...

CVSS 10 | AI score 7.9 | EPSS 0.00496
Exploits: 1 | References: 2
CNVD
added 2025/05/07 12:0 a.m. | 2 views

Nipah virus Testing Management System patient-search-report.php file SQL Injection Vulnerability

Nipah Virus Testing Management System is an online virus diagnostic platform. The Nipah Virus Testing Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter searchdata in the file...

CVSS 9.8 | AI score 8.3 | EPSS 0.00412
Exploits: 1 | References: 1
BDU FSTEC
added 2025/05/06 12:0 a.m. | 3 views

A vulnerability in the TP-Link M7450 router's firmware stems from a lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary code.

The vulnerability in the TP-Link M7450 router's firmware is related to the lack of measures taken to protect the SQL query structure during the processing of the username and password fields. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary cod...

CVSS 10 | AI score 6
Exploits: 0 | References: 3
CNNVD
added 2025/05/06 12:0 a.m. | 2 views

itsourcecode Gym Management System security vulnerability

itsourcecode Gym Management System is an open source gym management system by itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Gym Management System, which originates from a SQL injection due to incorrect manipulation of parameter IDs in file /ajax.php...

CVSS 9.8 | AI score 7.8 | EPSS 0.00421
Exploits: 1 | References: 6
CNNVD
added 2025/05/06 12:0 a.m. | 3 views

Tcman Gim SQL injection vulnerability

Tcman Gim is a facility management software from the Spanish company Tcman designed for use on mobile devices. A SQL injection vulnerability exists in Tcman Gim version v11, which stems from an SQL injection in the createNotificationAndroid endpoint Sender and email parameters...

CVSS 9.8 | AI score 7.8 | EPSS 0.00361
Exploits: 0 | References: 1