PT-2025-39102

Name of the Vulnerable Software and Affected Versions Campcodes Computer Sales and Inventory System version 1.0 Description A SQL injection issue exists due to the manipulation of the prodcode argument. This impacts an unknown function within the /pages/pro edit1.php file. The attack can be carri...

CVE-2025-10804

A vulnerability was found in Campcodes Online Beauty Parlor Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/add-customer.php. Performing manipulation of the argument mobilenum results in sql injection. The attack can be initiated remotely. The exploi...

CVE-2025-10786

Campaign: CVE-2025-10786 concerns Campcodes Grocery Sales and Inventory System 1.0. The vulnerability resides in the file /ajax.php?action=delete_user, where manipulation of the ID parameter enables SQL injection. Attack is remote and requires no authentication. An exploit has been published and ...

SourceCodester Online Hotel Reservation System 安全漏洞

SourceCodester Online Hotel Reservation System is a SourceCodester open source online hotel system. A security vulnerability exists in SourceCodester Online Hotel Reservation System version 1.0, which stems from an incorrect manipulation of the parameter ID in the file deleteslide.php, which coul...

WordPress plugin WPFunnels Mail Mint SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A SQL injection...

PT-2025-39045

Name of the Vulnerable Software and Affected Versions WPFunnels Mail Mint versions through 1.18.6 Description A flaw exists in WPFunnels Mail Mint that allows for SQL Injection. The issue is due to improper neutralization of special elements within SQL commands. This could potentially allow an...

CVE-2025-10603

A vulnerability was determined in PHPGurukul Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /admin/adminforum/searchresult.php. Executing manipulation of the argument Search can lead to sql injection. The attack can be launched remotely. The exploit...

PHPGurukul Online Discussion Forum SQL注入漏洞

Online Discussion Forum is an online forum. Online Discussion Forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /admin/adminforum/searchresult.php. An attacker can exploit this...

CVE-2025-10562

A flaw has been found in Campcodes Grocery Sales and Inventory System 1.0. This affects an unknown function of the file /ajax.php?action=saveproduct. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be...

CVE-2025-57104

Teampel 5.1.6 is vulnerable to SQL Injection in /Common/login.aspx...

CVE-2025-10426

A security flaw has been discovered in itsourcecode Online Laundry Management System 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit has been releas...

CVE-2025-57104

Teampel 5.1.6 is vulnerable to SQL Injection in /Common/login.aspx...

CVE-2025-10266 NewType Infortech｜NUP Portal - SQL Injection

NUP Pro developed by NewType Infortech has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2025-10266

NUP Pro by NewType Infortech is affected by a SQL injection vulnerability that allows unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. The CVE entry indicates a critical impact (CONFIDENTIALITY, INTEGRITY, and AVAILABILITY affected) ...

CVE-2025-59008

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PressTigers ZIP Code Based Content Protection zip-code-based-content-protection allows SQL Injection.This issue affects ZIP Code Based Content Protection: from n/a through = 1.0.0...

Small CRM /profile.php File SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from an SQL injection vulnerability that stems from the /profile.php file not having a secure filter for the Name parameter. No details of the vulnerability are available at this time...

CVE-2025-10104

A security vulnerability has been detected in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /reviewsearch.php. The manipulation of the argument txtsearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

PT-2025-36761

Name of the Vulnerable Software and Affected Versions: WPSwings WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates versions through 2.8.10 Description: The software contains an SQL injection flaw that allows attackers to manipulate commands. This...

PT-2025-36490

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Forum Discussion System version 1.0 Description: A SQL injection issue exists in the file /admin class.php?action=login. Manipulation of the Username parameter can lead to exploitation. The attack can be initiated...

ChanCMS SQL注入漏洞

ChanCMS is a content management system by yanyutao0402 individual developer in China. SQL injection vulnerability exists in ChanCMS 3.3.1 and earlier versions, the vulnerability stems from incorrect manipulation of inputs leading to SQL injection...