2384 matches found
CVE-2026-10251 itsourcecode Online House Rental System ajax.php login sql injection
A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted element is an unknown function of the file /ajax.php?action=login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been...
CVE-2026-10225
A vulnerability was detected in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file logincheck.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The...
CVE-2026-10225
A vulnerability was detected in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file logincheck.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The...
CVE-2026-10208 code-projects Online Hospital Management System login_1.php login_user sql injection
A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function loginuser of the file login1.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...
EUVD-2026-33529
A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function loginuser of the file login1.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...
PT-2026-45400
A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted element is an unknown function of the file /ajax.php?action=login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been...
Code-Projects Real State Services SQL注入漏洞
Code-Projects Real State Services is an open-source real estate service developed by Code-Projects. Version 1.0 of Code-Projects Real State Services has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter “Username” in the “login” component’s file...
itsourcecode Online House Rental System SQL注入漏洞
itsourcecode Online House Rental System is an open-source online housing rental system developed by itsourcecode. Version 1.0 of the itsourcecode Online House Rental System has a SQL injection vulnerability. This vulnerability stems from improper handling of the Username parameter in the...
student_management_system_by_php SQL注入漏洞
studentmanagementsystembyphp is a student information management tool developed by Raisul Islam, based on PHP. studentmanagementsystembyphp has a SQL injection vulnerability, which stems from the incorrect handling of the Username parameter in the Login component of the logincheck.php file,...
Bylancer Zechat SQL注入漏洞
Bylancer Zechat is a PHP instant messaging system developed by Bylancer Corporation, which supports real-time messages, group chat, and social interactions. Version 1.5 of Bylancer Zechat has a SQL injection vulnerability. This vulnerability arises from injecting SQL code via the uname parameter,...
CVE-2026-9443
The CVE-2026-9443 vulnerability affects Edimax BR-6478AC 1.23, specifically the POST Request Handler’s formL2TPSetup function. Buffer overflow is triggered via manipulating the L2TPUserName argument in /goform/formL2TPSetup. Attack surface is network-exposed and low privileges are required, with ...
CVE-2026-9383
A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...
CVE-2026-9383
A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...
itsourcecode Electronic Judging System SQL注入漏洞
itsourcecode Electronic Judging System is an open-source electronic referee system developed by itsourcecode. Version 1.0 of the itsourcecode Electronic Judging System has a SQL injection vulnerability. This vulnerability stems from improper handling of the Username parameter in the file...
PT-2026-42944
A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...
CVE-2018-25351
Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads ...
CVE-2018-25351
CVE-2018-25351 affects Joomla! Component EkRishta 2.10. The connected documents describe an error-based SQL injection in the username parameter that allows unauthenticated attackers to execute arbitrary SQL queries by sending POST requests to the login endpoint, leaking database information inclu...
CVE-2018-25351 Joomla! Component EkRishta 2.10 SQL Injection via username
Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads ...
PT-2026-42804
Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...
CVE-2026-36227
Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...