331 matches found
CVE-2025-13422 freeprojectscodes Sports Club Management System change_s_pwd.php sql injection
A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected element is an unknown function of the file /dashboard/admin/changespwd.php. Performing manipulation of the argument loginid results in sql injection. The attack may be initiated remotely. The exploit...
PT-2025-47118
A vulnerability was identified in SourceCodester Online Magazine Management System 1.0. Affected by this issue is some unknown functionality of the file /categories.php. The manipulation of the argument c leads to sql injection. The attack is possible to be carried out remotely. The exploit is...
CVE-2025-13242 code-projects Student Information System register.php sql injection
A vulnerability has been found in code-projects Student Information System 2.0. This issue affects some unknown processing of the file /register.php. The manipulation leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be...
PT-2025-47094
Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System version 1.0 that allows for SQL injection. This issue is located in the /add librarian.php file, where...
CVE-2024-44630
CVE-2024-44630 affects PHPGurukul Student Record System 3.20. The vulnerability is an SQL injection in the file register.php due to insufficient input validation for multiple parameters: c-full, fname, mname, lname, gname, ocp, nation, mobno, email, board1, roll1, pyear1, board2, roll2, pyear2, s...
CVE-2021-4462
Employee Records System version 1.0 contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload arbitrary files via the uploadID.php endpoint; uploaded files can be executed because the application does not perform proper server-side validation...
SourceCodester Survey Application System 安全漏洞
SourceCodester Survey Application System is an open source survey application system from SourceCodester. A security vulnerability exists in SourceCodester Survey Application System version 1.0, which stems from an incorrect manipulation of the parameter fullname in the file /LoginRegistration.ph...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989354)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989354 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix an Oops in pnfsmarkrequestcommit when doing ODIRECT Fix an Oopsable condition in...
CVE-2025-50363
Phpgurukul Maid Hiring Management System 1.0 is vulnerable to Cross Site Scripting XSS in /maid-hiring.php va the name field...
CVE-2025-12262
A vulnerability was determined in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /editcriteria.php. Executing manipulation of the argument critid can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...
EUVD-2025-36141
A security vulnerability has been detected in SourceCodester Online Student Result System 1.0. This issue affects some unknown processing of the file /viewresult.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has bee...
CVE-2025-12256 code-projects Online Event Judging System edit_contestant.php sql injection
A weakness has been identified in code-projects Online Event Judging System 1.0. This vulnerability affects unknown code of the file /editcontestant.php. Executing manipulation of the argument contestantid can lead to sql injection. The attack can be executed remotely. The exploit has been made...
PT-2025-43868
Name of the Vulnerable Software and Affected Versions SourceCodester Best House Rental Management System version 1.0 Description A flaw exists in SourceCodester Best House Rental Management System 1.0 that allows for remote SQL injection. The issue is located within the login2 function of the...
CVE-2025-57240
Cross site scripting XSS vulnerability in 17gz International Student service system 1.0 allows attackers to execute arbitrary code via the registration step...
EUVD-2025-33731
code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a universal password in the Password field on the login page can bypass login attempts...
CVE-2025-11503
A vulnerability was determined in PHPGurukul Beauty Parlour Management System 1.1. This issue affects some unknown processing of the file /admin/manage-services.php. Executing a manipulation of the argument delid can lead to sql injection. The attack may be performed from remote. The exploit has...
PT-2025-41575
Name of the Vulnerable Software and Affected Versions code-projects Computer Laboratory System version 1.0 Description The software contains a SQL injection flaw. Successful exploitation allows bypassing login attempts by entering a universal password in the Password field on the login page. The...
CVE-2025-11507
A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument searchdata causes sql injection. The attack can be initiated remotely. The exploit has been made...
CVE-2025-11426
A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbook.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. T...
CVE-2025-61198
A stored cross-site scripting XSS vulnerability in Optimod 5950 - Optimod 5950HD - Optimod 5750 - Optimod 5750HD - Optimod Trio - Optimod version 1.0.0.33 - System version 2.5.26, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payloa...