Lucene search
K

331 matches found

Cvelist
Cvelist
added 2025/11/19 11:32 p.m.14 views

CVE-2025-13422 freeprojectscodes Sports Club Management System change_s_pwd.php sql injection

A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected element is an unknown function of the file /dashboard/admin/changespwd.php. Performing manipulation of the argument loginid results in sql injection. The attack may be initiated remotely. The exploit...

7.5CVSS0.00385EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.4 views

PT-2025-47118

A vulnerability was identified in SourceCodester Online Magazine Management System 1.0. Affected by this issue is some unknown functionality of the file /categories.php. The manipulation of the argument c leads to sql injection. The attack is possible to be carried out remotely. The exploit is...

6.5CVSS7.2AI score0.00307EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/11/16 7:32 a.m.5 views

CVE-2025-13242 code-projects Student Information System register.php sql injection

A vulnerability has been found in code-projects Student Information System 2.0. This issue affects some unknown processing of the file /register.php. The manipulation leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be...

7.5CVSS6.8AI score0.0038EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/11/16 12:0 a.m.4 views

PT-2025-47094

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System version 1.0 that allows for SQL injection. This issue is located in the /add librarian.php file, where...

6.5CVSS6.9AI score0.00307EPSS
Exploits1References7
CVE
CVE
added 2025/11/14 12:0 a.m.13 views

CVE-2024-44630

CVE-2024-44630 affects PHPGurukul Student Record System 3.20. The vulnerability is an SQL injection in the file register.php due to insufficient input validation for multiple parameters: c-full, fname, mname, lname, gname, ocp, nation, mobno, email, board1, roll1, pyear1, board2, roll2, pyear2, s...

6.5CVSS7.2AI score0.00215EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/11 10:44 p.m.4 views

CVE-2021-4462

Employee Records System version 1.0 contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload arbitrary files via the uploadID.php endpoint; uploaded files can be executed because the application does not perform proper server-side validation...

9.8CVSS7.3AI score0.03054EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/11/10 12:0 a.m.7 views

SourceCodester Survey Application System 安全漏洞

SourceCodester Survey Application System is an open source survey application system from SourceCodester. A security vulnerability exists in SourceCodester Survey Application System version 1.0, which stems from an incorrect manipulation of the parameter fullname in the file /LoginRegistration.ph...

9.8CVSS7.8AI score0.00394EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989354)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989354 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix an Oops in pnfsmarkrequestcommit when doing ODIRECT Fix an Oopsable condition in...

7.8CVSS5.7AI score0.00256EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/04 12:53 a.m.5 views

CVE-2025-50363

Phpgurukul Maid Hiring Management System 1.0 is vulnerable to Cross Site Scripting XSS in /maid-hiring.php va the name field...

5.4CVSS6.2AI score0.00229EPSS
Exploits1References1
OSV
OSV
added 2025/10/27 11:15 a.m.3 views

CVE-2025-12262

A vulnerability was determined in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /editcriteria.php. Executing manipulation of the argument critid can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...

8.8CVSS5.8AI score0.00304EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/27 9:32 a.m.4 views

EUVD-2025-36141

A security vulnerability has been detected in SourceCodester Online Student Result System 1.0. This issue affects some unknown processing of the file /viewresult.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has bee...

7.5CVSS6.6AI score0.00489EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/10/27 9:32 a.m.6 views

CVE-2025-12256 code-projects Online Event Judging System edit_contestant.php sql injection

A weakness has been identified in code-projects Online Event Judging System 1.0. This vulnerability affects unknown code of the file /editcontestant.php. Executing manipulation of the argument contestantid can lead to sql injection. The attack can be executed remotely. The exploit has been made...

6.5CVSS0.00396EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.4 views

PT-2025-43868

Name of the Vulnerable Software and Affected Versions SourceCodester Best House Rental Management System version 1.0 Description A flaw exists in SourceCodester Best House Rental Management System 1.0 that allows for remote SQL injection. The issue is located within the login2 function of the...

9.8CVSS6.9AI score0.00431EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2025/10/23 12:0 a.m.3 views

CVE-2025-57240

Cross site scripting XSS vulnerability in 17gz International Student service system 1.0 allows attackers to execute arbitrary code via the registration step...

6.4AI score0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/10 6:31 p.m.5 views

EUVD-2025-33731

code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a universal password in the Password field on the login page can bypass login attempts...

7.6AI score0.00424EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/10/10 1:31 a.m.11 views

CVE-2025-11503

A vulnerability was determined in PHPGurukul Beauty Parlour Management System 1.1. This issue affects some unknown processing of the file /admin/manage-services.php. Executing a manipulation of the argument delid can lead to sql injection. The attack may be performed from remote. The exploit has...

9.8CVSS7.1AI score0.00441EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.6 views

PT-2025-41575

Name of the Vulnerable Software and Affected Versions code-projects Computer Laboratory System version 1.0 Description The software contains a SQL injection flaw. Successful exploitation allows bypassing login attempts by entering a universal password in the Password field on the login page. The...

7.7AI score0.00424EPSS
Exploits1References6
NVD
NVD
added 2025/10/08 10:15 p.m.6 views

CVE-2025-11507

A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument searchdata causes sql injection. The attack can be initiated remotely. The exploit has been made...

9.8CVSS0.00384EPSS
Exploits1References5
NVD
NVD
added 2025/10/08 3:15 a.m.7 views

CVE-2025-11426

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbook.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. T...

8.8CVSS0.00302EPSS
Exploits1References4
NVD
NVD
added 2025/10/06 2:15 p.m.4 views

CVE-2025-61198

A stored cross-site scripting XSS vulnerability in Optimod 5950 - Optimod 5950HD - Optimod 5750 - Optimod 5750HD - Optimod Trio - Optimod version 1.0.0.33 - System version 2.5.26, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payloa...

5.4CVSS0.00239EPSS
Exploits0References2
Rows per page
Query Builder