126 matches found
Code-Projects Exam Form Submission Injection Vulnerability
Code-Projects Exam Form Submission is an open source exam form from Code-Projects. An injection vulnerability exists in Code-Projects Exam Form Submission version 1.0, which originates from SQL injection due to incorrect manipulation of parameter credits in file /admin/updates1.php...
CVE-2025-7537
A vulnerability classified as critical has been found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /pages/productupdate.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-7200
A vulnerability, which was classified as critical, was found in krishna9772 Pharmacy Management System up to a2efc8442931ec9308f3b4cf4778e5701153f4e5. Affected is an unknown function of the file quantityupd.php. The manipulation of the argument medname/medcat/exdate leads to sql injection. It is...
CVE-2025-40731
SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /update.php...
Code-Projects Daily Expense Manager SQL Injection Vulnerability
Daily Expense Manager is a daily expense management system. Daily Expense Manager suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements for the parameters pname, pprice, and id in the file /update.php. No details of the vulnerabilit...
Code-Projects Simple Pizza Ordering System Injection Vulnerability
Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /update.php. An attacker can exploit this vulnerability...
CVE-2023-38557
A vulnerability has been identified in Spectrum Power 7 All versions V23Q3. The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...
CampCodes Sales and Inventory System Injection Vulnerability
CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in CampCodes Sales and Inventory System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter Name in the file...
SourceCodester Client Database Management System Security Vulnerability
SourceCodester Client Database Management System is a SourceCodester open source client database management system. A security vulnerability exists in SourceCodester Client Database Management System version 1.0, which originates from SQL injection due to incorrect operation of the parameter...
CVE-2025-3339
A vulnerability classified as critical was found in codeprojects Online Restaurant Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/userupdate.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely...
PT-2024-9930 · Unknown · 1000 Projects Portfolio Management System Mca
Name of the Vulnerable Software and Affected Versions: 1000 Projects Portfolio Management System MCA version 1.0. Description: The issue is related to the update ex detail.php script in the Portfolio Management System, where the q parameter is not properly sanitized, leading to a SQL injection...
CVE-2024-10506
A vulnerability classified as critical has been found in code-projects Blood Bank System 1.0. This affects an unknown part of the file /admin/blood/update/B-.php. The manipulation of the argument Bloodname leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2024-9814
A vulnerability, which was classified as critical, was found in Codezips Pharmacy Management System 1.0. Affected is an unknown function of the file product/update.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
code-projects Blood Bank Management System SQL Injection Vulnerability
Code-Projects Blood Bank Management System is an open source blood bank management system from Code-Projects. A SQL injection vulnerability exists in code-projects Blood Bank Management System version 1.0, which originates from the parameter Bloodname in the file /admin/blood/update/B+.php that c...
CVE-2024-40456
ThinkSAAS v3.7.0 was discovered to contain a SQL injection vulnerability via the name parameter at \system\action\update.php...
PT-2024-22449 · Csapp Lab · Csapp Lab
Name of the Vulnerable Software and Affected Versions: CSAPP Lab, affected versions not specified. Description: The issue allows a remote attacker to execute arbitrary code via the lab3 of csapp, lab3/buflab-update.pl component. This is a Buffer Overflow vulnerability in CSAPP Lab CSAPP Lab3 15-213...
CVE-2024-2621
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file api/client/user/pwdupdate.php. The manipulation of the argument uuid leads to sql injection. The atta...
Buffalo LS210D Security Vulnerability
The Buffalo LS210D is a hard disk drive from Buffalo Japan. A security vulnerability exists in the Buffalo LS210D version v.1.78-0.03 that originates from a vulnerability that could allow a remote attacker to execute arbitrary code via the firmware update script in...
CVE-2023-51073
CVE-2023-51073 affects Buffalo LS210D, firmware version 1.78-0.03, enabling an unauthenticated remote attacker to execute arbitrary code via the Firmware Update Script at /etc/init.d/update_notifications.sh. The issue is noted across multiple sources (NVD, Red Hat advisories, JVN) with a CVSS v3....
CVE-2023-51073
An issue in Buffalo LS210D v.1.78-0.03 allows a remote attacker to execute arbitrary code via the Firmware Update Script at /etc/init.d/updatenotifications.sh...