CVE-2026-10235

A flaw has been found in CodeAstro Ingredients Stock Management System 1.0. This vulnerability affects unknown code of the file /Ingredients-Stock/stockmanager.php. This manipulation of the argument txtsearchcategory causes sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2026-6183

A security flaw has been discovered in code-projects Simple Content Management System 1.0. Affected by this issue is some unknown functionality of the file /web/index.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The...

CVE-2026-7117 code-projects Employee Management System approve.php sql injection

A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token can lead to sql injection. The attack can be executed remotely. The exploit has been made available...

CodeAstro Simple Attendance Management System 安全漏洞

CodeAstro Simple Attendance Management System is a simple attendance management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Simple Attendance Management System has a security vulnerability. This vulnerability stems from the SQL injection vulnerability in the username parameter...

EUVD-2026-21374

A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...

itsourcecode Construction Management System SQL注入漏洞

itsourcecode Construction Management System is an open-source construction management system developed by itsourcecode. Version 1.0 of the itsourcecode Construction Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “Home” in th...

CVE-2026-5256

A flaw has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modify.php of the component Parameter Handler. This manipulation of the argument firstName causes sql injection. Remote exploitation of the attack is possible. The exploit has be...

PT-2026-27520

A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file view supplier.php of the component POST Parameter Handler. The manipulation of the argument searchtxt results in sql injection. The attack may be launched remotely. The...

CVE-2026-26883

Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /msms/classes/Master.php?f=deleteappointment...

CVE-2026-26713

The CVE-2026-26713 entry affects Simple Food Order System v1.0. It is vulnerable to SQL Injection in /food/routers/cancel-order.php due to improper input handling in a database query. Impact is rated High for confidentiality, integrity, and availability (CVSS v3.1: 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:...

CVE-2025-70150

CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in delete_members.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter. The CVE-2025-70150 entry uses a network-exposed, unauthenticated path with high impact to...

Itsourcecode Society Management System SQL Injection Vulnerability

itsourcecode Society Management System is an open-source social management system developed by itsourcecode. Version 1.0 of the itsourcecode Society Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter studentid in the file...

PT-2025-51136

Name of the Vulnerable Software and Affected Versions itsourcecode Online Pet Shop Management System version 1.0 Description A security issue exists in itsourcecode Online Pet Shop Management System version 1.0 related to the processing of the file /pet1/update cnp.php. Manipulation of the ID...

CVE-2025-14226

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

PT-2025-47118

A vulnerability was identified in SourceCodester Online Magazine Management System 1.0. Affected by this issue is some unknown functionality of the file /categories.php. The manipulation of the argument c leads to sql injection. The attack is possible to be carried out remotely. The exploit is...

CVE-2021-4462

Employee Records System version 1.0 contains an unrestricted file upload vulnerability that allows a remote unauthenticated attacker to upload arbitrary files via the uploadID.php endpoint; uploaded files can be executed because the application does not perform proper server-side validation...

SourceCodester Survey Application System 安全漏洞

SourceCodester Survey Application System is an open source survey application system from SourceCodester. A security vulnerability exists in SourceCodester Survey Application System version 1.0, which stems from an incorrect manipulation of the parameter fullname in the file /LoginRegistration.ph...

CVE-2025-12262

A vulnerability was determined in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /editcriteria.php. Executing manipulation of the argument critid can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...

PT-2025-43868

Name of the Vulnerable Software and Affected Versions SourceCodester Best House Rental Management System version 1.0 Description A flaw exists in SourceCodester Best House Rental Management System 1.0 that allows for remote SQL injection. The issue is located within the login2 function of the...

EUVD-2025-33731

code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a universal password in the Password field on the login page can bypass login attempts...