CampCodes Supplier Management System SQL注入漏洞

CampCodes Supplier Management System is a supplier management system from CampCodes, Inc. A SQL injection vulnerability exists in CampCodes Supplier Management System version 1.0, which stems from an incorrect manipulation of the parameter chkId in the file /admin/viewunit.php, which could lead t...

PT-2025-51148

Name of the Vulnerable Software and Affected Versions code-projects Student File Management System version 1.0 Description A flaw exists in the Student File Management System that allows for remote code execution. The issue is located in the file /admin/delete user.php and involves the manipulati...

CVE-2025-14578

A weakness has been identified in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /updateaccount.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available ...

EUVD-2025-203261

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

SQL Injection

LangGraph SQLite Checkpoint is vulnerable to SQL injection. The vulnerability is due to unsafe construction of SQL queries using unvalidated metadata filter keys, where attacker-controlled keys are interpolated directly into SQL f-strings in the checkpoint search logic, allowing manipulation of...

SQL Injection

llamaindex is vulnerable to SQL Injection. The vulnerability is due to unsafe construction of SQL queries without prepared statements in the duckdbretriever component, which allows an attacker to inject arbitrary SQL commands and execute malicious code...

SQL Injection

devcode-it/openstamanager is vulnerable to a SQL Injection. The vulnerability is due to improper validation of the display parameter in the API, which allows an attacker to inject and execute arbitrary SQL queries to access, modify, or delete database data...

SQL Injection

Apache Hive is vulnerable to SQL Injection. The vulnerability is due to improper handling of delete column statistics requests via Thrift APIs, which allows an authorized attacker to inject malicious SQL queries and manipulate backend database operations...

Code-Projects Prison Management System SQL注入漏洞

Prison Management System is a prison management system. Prison Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter keyname in the file /admin/search.php. An attacker can exploit this...

PT-2025-51112

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A security flaw exists in itsourcecode Student Management System 1.0. The issue affects unknown code within the /update program.php file and allows for SQL injection through...

PT-2025-51059

The افزونه پیامک ووکامرس فوق حرفه ای جدید payamito sms woocommerce plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'columns' parameter in all versions up to, and including, 1.3.5. This is due to insufficient escaping on the user supplied parameter and lack of sufficie...

Code-Projects Student File Management System SQL注入漏洞

Student File Management System is a student file management system. The Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter studentid in the file /admin/updatestudent.php. An...

PT-2025-51133

Name of the Vulnerable Software and Affected Versions itsourcecode Online Pet Shop Management System version 1.0 Description A flaw exists in the itsourcecode Online Pet Shop Management System that allows for SQL injection. This issue is located in the /pet1/addcnp.php file, where manipulation of...

EUVD-2025-203123

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /borrowbook.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-13214

IBM Aspera Orchestrator 4.0.0 through 4.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...

CVE-2025-14570

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewadmin.php. This manipulation of the argument adminid causes sql injection. The attack may be initiated remotely. The exploit has been publishe...

EUVD-2025-203090

A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/SProfile/login1.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed fro...

CVE-2025-14566

A security flaw has been discovered in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The impacted element is an unknown function of the file /Profilers/SProfile/reg.php. Performing a manipulation of the argument USN results in sql injection. It is possible to initia...

EUVD-2024-55346

xbtitFM 4.1.18 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries by injecting malicious SQL code through the msgid parameter. Attackers can send crafted requests to /shoutedit.php with EXTRACTVALUE functions to extract database...

Projectworlds Advanced Library Management System SQL注入漏洞

Projectworlds Advanced Library Management System is an advanced library management system from Projectworlds India. A SQL injection vulnerability exists in projectworlds Advanced Library Management System version 1.0, which stems from incorrect manipulation of the parameter rollnumber in the file...