Code-Projects COVID Tracking System SQL注入漏洞

Code-Projects COVID Tracking System is a new Crown Pneumonia tracking system from Code-Projects open source. A SQL injection vulnerability exists in Code-Projects COVID Tracking System version 1.0, which stems from incorrect manipulation of the parameter code in the file /login.php, which could...

CVE-2025-13569

Summary: CVE-2025-13569 affects itsourcecode COVID Tracking System 1.0. The vulnerability is an SQL injection in the file path /admin/?page=city caused by manipulation of the ID parameter. It can be exploited remotely and the exploit has been disclosed publicly. Reported across multiple sources (...

CVE-2025-13557

A vulnerability has been found in Campcodes Online Polling System 1.0. Affected by this issue is some unknown functionality of the file /registeracc.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the publ...

itsourcecode COVID Tracking System SQL注入漏洞

The COVID Tracking System is a new crown pneumonia tracking system. The COVID Tracking System suffers from a SQL injection vulnerability that stems from the /admin/?page=state file not securely filtering the ID parameter. The vulnerability can be exploited by an attacker to illegally obtain...

PT-2025-47866

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System version 1.0, specifically within the /delete admin.php file. Manipulation of the admin id argument can...

Ares

Ultimate SQLi Tool v3.0 — FINAL The most powerful, autonomous...

CVE-2025-12750 Groundhogg <= 4.2.6.1 - Authenticated (Admin+) SQL Injection

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to SQL Injection via the 'term' parameter in all versions up to, and including, 4.2.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

CVE-2025-52410

Institute-of-Current-Students v1.0 contains a time-based blind SQL injection vulnerability in the mydetailsstudent.php endpoint. The myds GET parameter is not adequately sanitized before being used in SQL queries...

phppgadmin contains a SQL injection vulnerability

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in display.php at line 396. The application passes user-controlled input from $REQUEST'query' directly to the browseQuery function without proper sanitization. An authenticated attacker can exploit this vulnerability to execute...

GHSA-G6XH-WRPF-V6J6 phppgadmin contains a SQL injection vulnerability

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in display.php at line 396. The application passes user-controlled input from $REQUEST'query' directly to the browseQuery function without proper sanitization. An authenticated attacker can exploit this vulnerability to execute...

GHSA-927W-VQ5C-8GC3 phppgadmin contains a SQL injection vulnerability

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in dataexport.php at line 118. The application directly executes user-supplied SQL queries from the $REQUEST'query' parameter without any sanitization or parameterization via $data-conn-Execute$REQUEST'query'. An authenticated...

UBUNTU-CVE-2025-60797

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in dataexport.php at line 118. The application directly executes user-supplied SQL queries from the $REQUEST'query' parameter without any sanitization or parameterization via $data-conn-Execute$REQUEST'query'. An authenticated...

PT-2025-47556

The attention-bar WordPress plugin through 0.7.2.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing high privilege users such as administrator to perform SQL injection attacks...

School Fees Payment Management System /manage_course.php File SQL Injection Vulnerability

School Fees Payment Management System is a tuition payment management system. The School Fees Payment Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter ID of the file /managecourse.php. An...

Small CRM quote-details.php file SQL Injection Vulnerability

Small CRM a customer relationship management system. Small CRM suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the id and adminremark parameters of quote-details.php. An attacker can exploit this vulnerability to...

Online Voting System /ajax.ph File SQL Injection Vulnerability

Online Voting System is an online voting system. Online Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /ajax.php. An attacker can exploit this vulnerability to execute illega...

Web-Based Internet Laboratory Management System /enrollment/controller.php File SQL Injection Vulnerability

Web-Based Internet Laboratory Management System is a web laboratory software. A SQL injection vulnerability exists in Web-Based Internet Laboratory Management System, which originates from a lack of validation of externally entered SQL statements in the file /enrollment/controller.php. An attacke...

Nero Social Networking Site profilefriends.php file SQL injection vulnerability

Nero Social Networking Site is a social networking site. Nero Social Networking Site suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID in the file /profilefriends.php. An attacker can exploit this vulnerability...

PT-2025-47554

A vulnerability was identified in SourceCodester Online Shop Project 1.0. The affected element is an unknown function of the file /action.php. Such manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might...

WordPress plugin Attention Bar 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exists in...