850 matches found
CVE-2025-5032
A vulnerability classified as critical has been found in Campcodes Online Shopping Portal 1.0. Affected is an unknown function of the file /admin/edit-category.php. The manipulation of the argument Category leads to SQL injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-5003
A vulnerability has been found in projectworlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /semesterajax.php. The manipulation of the argument ID leads to SQL injection. The attack can be initiated remotely. The exploit has been...
WordPress plugin WPAMS SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
CVE-2025-4865
A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/membersave.php. The manipulation of the argument last leads to SQL injection. The attack may be initiated remotely. The exploit has...
CampCodes Online Shopping Portal injection vulnerability
CampCodes Online Shopping Portal is an online shopping portal from CampCodes, Inc. Campcodes Online Shopping Portal suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter email in the file /forgot-password.php. An...
CVE-2025-4812
A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument mobilenumber leads to SQL injection. The attack may be initiat...
CVE-2025-4741
A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pages/purchaseadd.php. The manipulation of the argument ID leads to SQL injection. The attack may be initiated remotely. The exploit has be...
Rebuild security vulnerability
Rebuild is a highly customizable enterprise management system from getrebuild open source. A security vulnerability exists in Rebuild v3.9.0 through v3.9.3, which stems from an SQL injection in the /admin/admin-cli/exec component...
CampCodes Online Food Ordering System injection vulnerability
CampCodes Online Food Ordering System is an online food ordering system from CampCodes, Inc. An injection vulnerability exists in CampCodes Online Food Ordering System version 1.0, which originates from SQL injection due to parameter ID manipulation in file /view-ticket-admin.php...
SLiMS 9 Bulian security vulnerability
SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version 9.6.1, which stems from...
SQL Injection
Overview: Affected versions of this package are vulnerable to SQL Injection due to improper escaping of a query parameter in the postgres64, postgres7, postgres8, and postgres9 drivers. An attacker can execute arbitrary SQL statements by injecting malicious SQL code into the pginsertid method...
PHPGurukul Rail Pass Management System security vulnerability
Rail Pass Management System is a rail pass management system. The Rail Pass Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter editid in the file /admin/changeimage.php. An attacker can...
CVE-2025-46252
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kofimokome Message Filter for Contact Form 7 allows SQL Injection. This issue affects Message Filter for Contact Form 7: from n/a through 1.6.3.2...
webpy injection vulnerability
webpy is a simple and powerful python web framework from webpy open source. An injection vulnerability exists in webpy version 0.70, which stems from an incorrect manipulation of the parameter seqname in the file web/db.py resulting in SQL injection...
Siemens TeleControl Server Basic SQL injection vulnerability
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method GetUsers, which can be exploited by an attacker to bypass authorizatio...
SourceCodester Web-based Pharmacy Product Management System injection vulnerability
SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source Web-based pharmacy product management system. An injection vulnerability exists in version 1.0 of the SourceCodester Web-based Pharmacy Product Management System, which originates from a SQL injection due ...
CodeAstro Student Grading System security vulnerability
CodeAstro Student Grading System is a student grading system from CodeAstro. A security vulnerability exists in CodeAstro Student Grading System version 1.0, which stems from an incorrect manipulation of the parameter studentId that can lead to SQL injection...
CVE-2025-3119
A vulnerability was found in SourceCodester Online Tutor Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /tutor/courses/managecourse.php. The manipulation of the argument ID leads to SQL injection. The attack can be initiated remotely. The exploit...
Sourcecodester Online Exam System security vulnerability
Sourcecodester Online Exam System is a SourceCodester open source online exam system. A security vulnerability exists in Sourcecodester Online Exam System version 1.0, which originates from a SQL injection in dash.php...
CVE-2025-2852
A vulnerability has been found in SourceCodester Food Ordering Management System up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/menus/viewmenu.php. The manipulation of the argument ID leads to SQL injection. The attack can be...