CVE-2025-15012 code-projects Refugee Food Management System home.php sql injection

A vulnerability was determined in code-projects Refugee Food Management System 1.0. The affected element is an unknown function of the file /home/home.php. This manipulation of the argument a causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly...

PT-2025-52690

Name of the Vulnerable Software and Affected Versions Hasura GraphQL version 1.3.3 Description Hasura GraphQL version 1.3.3 has a local file read issue. Attackers can access system files through SQL injection in the query endpoint. Exploitation involves the pg read file PostgreSQL function via...

PT-2025-52624

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A SQL injection issue exists due to manipulation of the a argument within an unknown function of the /home/home.php file. The attack can be carried out remotely. The exploit has been...

EUVD-2025-204664

A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing manipulation of the argument viewid results in sql injection. The attack may be initiated remotely. The exploit...

CVE-2025-46268

Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands...

CVE-2025-14959

A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available...

EUVD-2025-204588

A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available t...

CVE-2025-14950 code-projects Scholars Tracking System delete_post.php sql injection

A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /deletepost.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to t...

EUVD-2025-204435

A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /admin/userdelete.php of the component Administrator Endpoint. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. T...

EUVD-2025-204422

A vulnerability was identified in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /admin/useragentdelete.php of the component Administrator Endpoint. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit is...

CVE-2025-14900

CodeAstro Real Estate Management System 1.0 is affected. The vulnerability is an SQL injection in the Administrator Endpoint, caused by manipulation of the ID parameter in /admin/userdelete.php. Exploitation can be remote and a public exploit exists. The root cause is improper handling of the ID ...

CodeAstro Real Estate Management System SQL注入漏洞

CodeAstro Real Estate Management System is a real estate management system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Real Estate Management System version 1.0, which stems from an incorrect operation of the file /admin/stateadd.php, which could lead to a SQL injection atta...

Code-Projects Scholars Tracking System SQL注入漏洞

Code-Projects Scholars Tracking System is an open source scholars tracking system by Code-Projects. A SQL injection vulnerability exists in Code-Projects Scholars Tracking System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /deletepost.php, which could lead...

PT-2025-52504

Name of the Vulnerable Software and Affected Versions code-projects Simple Blood Donor Management System version 1.0 Description A flaw exists in code-projects Simple Blood Donor Management System version 1.0 that allows for remote SQL injection. The issue is located in the /editedcampaign.php...

PT-2025-52503

Name of the Vulnerable Software and Affected Versions code-projects Simple Blood Donor Management System version 1.0 Description A security issue exists in code-projects Simple Blood Donor Management System 1.0. The issue involves a SQL injection affecting an unknown function within the...

CVE-2025-14898

CVE-2025-14898 affects CodeAstro Real Estate Management System 1.0. In the file /admin/userbuilderdelete.php of the Administrator Endpoint , there is an input handling flaw that enables SQL injection . The issue is exploitable remotely and the exploit has been publicly released. The Red Hat/ENISA...

CVE-2025-68111

ChurchCRM is an open-source church management system. In versions prior to 6.5.3, a SQL injection vulnerability exists in the eGive.php file within the "ReImport" functionality. An authenticated user with finance privileges can execute arbitrary SQL queries by manipulating the MissingEgiveFamID...

CVE-2025-63948

A SQL Injection vulnerability exists in phpMsAdmin version 2.2 in the databasemode.php file. An attacker can execute arbitrary SQL commands via the dbname parameter, potentially leading to information disclosure or database manipulation...

CVE-2025-46268 Advantech WebAccess/SCADA SQL Injection

Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands...

CVE-2021-47711 Kentico Xperience <= 13.0.52 Online Marketing Macros SQL Injection

A SQL injection vulnerability in Kentico Xperience allows authenticated editors to inject malicious SQL queries via online marketing macro method parameters. This enables unauthorized database access and potential data manipulation by exploiting macro method input validation weaknesses...