Student Information System register.php File SQL Injection Vulnerability

Student Information System is a student information system. Student Information System is vulnerable to a SQL injection vulnerability that originates from improper handling of user input in the /register.php file. No details of the vulnerability are available at this time...

Student Information System searchquery.php File SQL Injection Vulnerability

Student Information System is a student information system. The Student Information System suffers from a SQL injection vulnerability that originates from the parameter s in the /searchquery.php file that does not effectively filter user input. An attacker can exploit this vulnerability by...

EUVD-2025-197901

A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit has been publicly...

CVE-2024-44664

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, quality, price, and value parameters in product-details.php...

CVE-2025-13319

Digi On-Prem Manager API is affected by an authenticated SQL injection vulnerability (CVE-2025-13319). An attacker with valid API tokens can inject SQL via crafted input; the API is not enabled by default. CVSS 3.1 base score 8.8 (HIGH) with impact to confidentiality, integrity, and availability....

EUVD-2025-197792

A vulnerability was found in code-projects Nero Social Networking Site 1.0. The affected element is an unknown function of the file /profilefriends.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been made public and...

CVE-2025-13277

A flaw has been found in code-projects Nero Social Networking Site 1.0. This issue affects some unknown processing of the file /friendsphoto.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

EUVD-2025-197783

A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletepayment. Performing manipulation of the argument ID results in sql injection. The attack is possible to be...

CVE-2025-13271 Campcodes School Fees Payment Management System ajax.php sql injection

A vulnerability was determined in Campcodes School Fees Payment Management System 1.0. This impacts an unknown function of the file /ajax.php?action=login. This manipulation of the argument Username causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

CVE-2025-13270

A vulnerability was found in Campcodes School Fees Payment Management System 1.0. This affects an unknown function of the file /ajax.php?action=savecourse. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could...

EUVD-2025-197737

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /booksearch.php. Performing manipulation of the argument bookpub/booktitle results in sql injection. It is possible to initiate the attack remotely...

PT-2025-47138

Name of the Vulnerable Software and Affected Versions g33kyrash Online-Banking-System affected versions not specified Description A SQL injection issue exists due to the manipulation of the Username argument. The issue affects unknown code within the /index.php file and is remotely exploitable. T...

PT-2025-47134

Name of the Vulnerable Software and Affected Versions Campcodes School Fees Payment Management System version 1.0 Description A flaw exists in Campcodes School Fees Payment Management System 1.0 that allows for remote SQL injection. The issue is located in the /manage course.php file, specificall...

PT-2025-47582

Name of the Vulnerable Software and Affected Versions phpPgAdmin versions 7.13.0 and earlier Description phpPgAdmin versions 7.13.0 and earlier contain a SQL injection issue in the dataexport.php file at line 118. The application directly executes user-supplied SQL queries from the $ REQUEST'quer...

PT-2025-47173

Name of the Vulnerable Software and Affected Versions Campcodes Supplier Management System version 1.0 Description A flaw exists in Campcodes Supplier Management System that allows for SQL injection. This issue affects the /manufacturer/confirm order.php file. Manipulation of the ID argument can...

PT-2025-47209

Name of the Vulnerable Software and Affected Versions code-projects Courier Management System version 1.0 Description A flaw exists in code-projects Courier Management System 1.0 that allows for remote code execution. The issue is located in the file /add-new-officer.php. Manipulation of the...

PT-2025-47104

Name of the Vulnerable Software and Affected Versions itsourcecode Inventory Management System version 1.0 Description A security issue has been identified in itsourcecode Inventory Management System version 1.0. The issue involves a SQL injection vulnerability present in an unknown function with...

itsourcecode Online Voting System SQL注入漏洞

Online Voting System is an online voting system. Online Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Username in the file /login.php. An attacker can exploit this vulnerability to execute...

CVE-2025-13248

CVE-2025-13248 affects SourceCodester Patients Waiting Area Queue Management System 1.0. The vulnerability is a SQL injection in an unknown function of the file /php/api_patient_schedule.php caused by manipulating the argument appointmentID . This can be triggered remotely and, per sources, the e...

CVE-2025-13243

A vulnerability was found in code-projects Student Information System 2.0. Impacted is an unknown function of the file /editprofile.php. The manipulation results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...