87 matches found
CVE-2025-50363
Phpgurukul Maid Hiring Management System 1.0 is vulnerable to Cross Site Scripting XSS in /maid-hiring.php va the name field...
EUVD-2025-36141
A security vulnerability has been detected in SourceCodester Online Student Result System 1.0. This issue affects some unknown processing of the file /viewresult.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has bee...
CVE-2025-12256 code-projects Online Event Judging System edit_contestant.php sql injection
A weakness has been identified in code-projects Online Event Judging System 1.0. This vulnerability affects unknown code of the file /editcontestant.php. Executing manipulation of the argument contestantid can lead to sql injection. The attack can be executed remotely. The exploit has been made...
CVE-2025-57240
Cross site scripting XSS vulnerability in 17gz International Student service system 1.0 allows attackers to execute arbitrary code via the registration step...
PT-2025-41575
Name of the Vulnerable Software and Affected Versions code-projects Computer Laboratory System version 1.0 Description The software contains a SQL injection flaw. Successful exploitation allows bypassing login attempts by entering a universal password in the Password field on the login page. The...
EUVD-2025-27192
Malicious code in bioql PyPI...
EUVD-2022-46174
Malicious code in bioql PyPI...
EUVD-2025-30810
Malicious code in bioql PyPI...
CVE-2025-40695
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'remark', 'status' and 'takeaction' parameters via POST at the endpoint '/ofrs/admin/request-details.php'. This...
PT-2025-33141 · Sourcecodester · Covid19 Testing Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester COVID 19 Testing Management System version 1.0 Description: A SQL injection issue exists in the /check availability.php file due to the manipulation of the employeeid argument. This allows for remote attacks. The exploit has be...
PHPGurukul Teacher Subject Allocation Management System 注入漏洞
Teacher Subject Allocation Management System a teacher subject allocation management system. The Teacher Subject Allocation Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter editid in fi...
CVE-2022-28023
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deletesupplier...
CVE-2022-43051
Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/Users.php?f=deletetest...
CVE-2022-31975
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manageuser=...
itsourcecode Sales and Inventory System 注入漏洞
itsourcecode Sales and Inventory System is itsourcecode open source a sales and inventory system . An injection vulnerability exists in itsourcecode Sales and Inventory System version 1.0, which results from SQL injection due to incorrect manipulation of the parameter serial in the file...
CVE-2025-44192
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangaymanagement/admin/?page=viewclearance...
SourceCodester Packers and Movers Management System 安全漏洞
SourceCodester Packers and Movers Management System is an open source packers and movers management system from Sourcecodester. A security vulnerability exists in version 1.0 of the SourceCodester Packers and Movers Management System, which stems from Users.php containing a cross-site request...
PT-2025-4115 · Unknown · Code-Projects Chat System
Name of the Vulnerable Software and Affected Versions: code-projects Chat System version 1.0 Description: A critical issue affects some unknown processing of the file /user/add chatroom.php. The manipulation of the argument chatname/chatpass leads to SQL injection. The attack may be initiated...
PT-2025-3946 · Codezips · Codezips Gym Management System
Name of the Vulnerable Software and Affected Versions: Codezips Gym Management System version 1.0 Description: A critical issue affects the processing of the file /dashboard/admin/edit member.php, where the manipulation of the name argument leads to SQL injection. The attack can be initiated...
CVE-2024-55103
Online Nurse Hiring System v1.0 was discovered to contain a SQL injection vulnerability in the component /admin/profile.php via the fullname parameter...