
850 matches found

CNNVD
added 2025/03/25 12:0 a.m. · 1 views

Convivance StandVoice SQL injection vulnerability

Convivance StandVoice is a telephone reception platform from Convivance. A security vulnerability exists in Convivance StandVoice versions 4.5 through 6.2, which stems from a SQL injection in the authentication module and could lead to a remote attacker executing arbitrary code via the GESTLOGIN...

CVSS 9.8 · AI score 8.4 · EPSS 0.00597 · Exploits 0 · References 3
OSV
added 2025/03/23 9:15 p.m. · 2 views

CVE-2025-2664

A vulnerability was found in CodeZips Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /suadpeted.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been...

CVSS 7.2 · AI score 5.8 · EPSS 0.0043 · Exploits 1 · References 4
OSV
added 2025/03/23 4:15 a.m. · 2 views

CVE-2025-2640

A vulnerability was found in PHPGurukul Doctor Appointment Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /doctor/appointment-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack...

CVSS 9.8 · AI score 5.8 · Exploits 0 · References 5
OSV
added 2025/03/22 9:15 p.m. · 3 views

CVE-2025-2627

A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be initiated remotely...

CVSS 9.8 · AI score 5.8 · EPSS 0.00382 · Exploits 1 · References 5
OSV
added 2025/03/04 9:15 p.m. · 2 views

CVE-2025-1954

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument username leads to sql injection. The attack can be...

CVSS 9.8 · AI score 6.9 · EPSS 0.00554 · Exploits 1 · References 5
Positive Technologies
added 2025/03/02 12:0 a.m. · 3 views

PT-2025-9233 · Unknown · Esafenet Cdg

Name of the Vulnerable Software and Affected Versions: ESAFENET CDG version 5.6.3.154.205 Description: A critical issue affects some unknown functionality of the file /CDGServer3/workflowE/useractivate/updateorg.jsp. The manipulation of the flowId argument leads to SQL injection. The attack may b...

CVSS 9.8 · AI score 8.1 · EPSS 0.00456 · Exploits 0 · References 13
Positive Technologies
added 2025/02/21 12:0 a.m. · 2 views

PT-2025-7519 · Unknown · Baiyi Cloud Asset Management System

Name of the Vulnerable Software and Affected Versions: Baiyi Cloud Asset Management System version 8.142.100.161 Description: A critical issue was found in the Baiyi Cloud Asset Management System, affecting an unknown part of the file /wuser/admin.ticket.close.php. The manipulation of the ticket ...

CVSS 7.5 · AI score 7.8 · EPSS 0.00404 · Exploits 0 · References 11
CNNVD
added 2025/02/21 12:0 a.m. · 3 views

GFast security vulnerability

GFast is a backend management system based on GF (Go Frame) by the individual developer tiger1103. A security vulnerability exists in GFast 3.2 and earlier versions, which stems from SQL injection in the SortName parameter...

CVSS 4.2 · AI score 7.8 · EPSS 0.0017 · Exploits 0 · References 3
CNNVD
added 2025/02/13 12:0 a.m. · 2 views

PHPGurukul Land Record System security vulnerability

PHPGurukul Land Record System is a land management system from PHPGurukul. A security vulnerability exists in PHPGurukul Land Record System v1.0, which originates from an SQL injection vulnerability contained in the email parameter of the /admin/contactus.php file...

CVSS 7.2 · AI score 7.8 · EPSS 0.00694 · Exploits 1 · References 1
AlpineLinux
added 2025/02/12 12:0 a.m. · 4 views

CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...

CVSS 9.8 · AI score 8.1 · EPSS 0.37329 · Exploits 1 · References 2
OSV
added 2025/02/11 5:15 a.m. · 4 views

CVE-2025-1173

A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file processusersdel.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely...

CVSS 7.2 · AI score 5.8 · EPSS 0.00602 · Exploits 1 · References 5
Positive Technologies
added 2025/02/10 12:0 a.m. · 3 views

PT-2025-6117 · Unknown · Code-Projects Job Recruitment

Name of the Vulnerable Software and Affected Versions: code-projects Job Recruitment version 1.0 Description: A critical issue has been found in code-projects Job Recruitment. The manipulation of the userhash argument leads to SQL injection. It is possible to initiate the attack remotely. The iss...

CVSS 7.5 · AI score 7.3 · EPSS 0.00517 · Exploits 1 · References 10
CNNVD
added 2025/02/10 12:0 a.m. · 2 views

novel security vulnerability

novel is an open source novel system from xxyopen. A security vulnerability exists in novel version 3.4.1 and earlier versions, which stems from improper handling of the sort parameter that can lead to SQL injection...

CVSS 6.5 · AI score 6.8 · EPSS 0.00309 · Exploits 0 · References 2
Positive Technologies
added 2025/02/04 12:0 a.m. · 4 views

PT-2025-4633 · Unknown · Notfound Traveler Code

Name of the Vulnerable Software and Affected Versions: NotFound Traveler Code versions n/a through 3.1.0 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows malicious SQL commands to be executed...

CVSS 9 · AI score 10 · EPSS 0.00351 · Exploits 0 · References 6
Positive Technologies
added 2025/02/02 12:0 a.m. · 4 views

PT-2025-4115 · Unknown · Code-Projects Chat System

Name of the Vulnerable Software and Affected Versions: code-projects Chat System version 1.0 Description: A critical issue affects some unknown processing of the file /user/add chatroom.php. The manipulation of the argument chatname/chatpass leads to SQL injection. The attack may be initiated...

CVSS 7.5 · AI score 7.2 · EPSS 0.00532 · Exploits 1 · References 12
CNNVD
added 2025/02/01 12:0 a.m. · 3 views

itsourcecode Tailoring Management System security vulnerability

itsourcecode Tailoring Management System is an open source tailoring management system from itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Tailoring Management System, in which the typeid parameter in the file partview.php can lead to SQL injection...

CVSS 8.8 · AI score 6.8 · EPSS 0.00435 · Exploits 1 · References 4
Positive Technologies
added 2025/01/24 12:0 a.m. · 2 views

PT-2025-5542 · Unknown · Yannick Lefebvre Bug Library

Name of the Vulnerable Software and Affected Versions: Yannick Lefebvre Bug Library versions n/a through 2.1.4 Description: The issue is related to an SQL Injection vulnerability, specifically Improper Neutralization of Special Elements used in an SQL Command, which allows Blind SQL Injection...

CVSS 8.5 · AI score 8.2 · EPSS 0.00467 · Exploits 0 · References 6
CNNVD
added 2025/01/24 12:0 a.m. · 3 views

GO-CMS security vulnerability

GO-CMS is an RBAC-based privilege management system by the individual developer Xiaoyuer Xi-Yuer. A security vulnerability exists in GO-CMS version v.1.1.10, which stems from the presence of a SQL injection vulnerability that allows remote attackers to execute arbitrary code via a crafted payload...

CVSS 6.8 · AI score 8.5 · EPSS 0.00554 · Exploits 1 · References 3
Positive Technologies
added 2025/01/09 12:0 a.m. · 3 views

PT-2025-3840 · Unknown · Leiyuxi Cy-Fast

Name of the Vulnerable Software and Affected Versions: leiyuxi cy-fast version 1.0 Description: A critical vulnerability exists in the listData function within the /sys/menu/listData file. Manipulation of the argument order leads to a SQL injection, potentially allowing for remote attacks. The...

CVSS 8.8 · AI score 6.3 · EPSS 0.00467 · Exploits 1 · References 9
Positive Technologies
added 2025/01/09 12:0 a.m. · 4 views

PT-2025-3839 · Unknown · Leiyuxi Cy-Fast

Name of the Vulnerable Software and Affected Versions: leiyuxi cy-fast version 1.0 Description: A critical vulnerability exists in the listData function within the /commpara/listData file. Manipulation of the argument order leads to a SQL injection, which can be exploited remotely. The exploit fo...

CVSS 8.8 · AI score 6.4 · EPSS 0.00499 · Exploits 1 · References 9