itsourcecode Online Cake Ordering System SQL注入漏洞

itsourcecode Online Cake Ordering System is a itsourcecode open source online cake ordering system. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Cake Ordering System, which stems from an incorrect manipulation of the parameter supplier in the file...

SourceCodester FAQ Bot with AI Assistant 安全漏洞

SourceCodester FAQ Bot with AI Assistant is an open source question and answer bot with artificial intelligence assistant by SourceCodester. A security vulnerability exists in SourceCodester FAQ Bot with AI Assistant v1.0, which stems from improper handling of user-supplied input and could lead t...

Do Not Enable Insecure SNMP Versions

Simple Network Management Protocol SNMP is a standard protocol designed to manage network nodes in IP networks. This protocol allows the exchange of network management and control data between network elements NEs. If SNMP is installed in scenarios where SNMP is not required, additional system...

CampCodes Hospital Management System 安全漏洞

CampCodes Hospital Management System is a hospital management system from CampCodes, Inc. A security vulnerability exists in CampCodes Hospital Management System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter Password in the component Admin...

Code-Projects Online Note Sharing 代码问题漏洞

Code-Projects Online Note Sharing is an online note sharing software from Code-Projects open source. A code issue vulnerability exists in Code-Projects Online Note Sharing version 1.0, which stems from improper handling of the parameter image in the file /dashboard/userprofile.php, which could le...

CVE-2022-25221

Money Transfer Management System Version 1.0 allows an attacker to inject JavaScript code in the URL and then trick a user into visit the link in order to execute JavaScript code...

CVE-2025-29720

CVE-2025-29720 affects Dify v1.0 with a Server-Side Request Forgery via controllers.console.remote_files.RemoteFileUploadApi. Root cause: SSRF in that API component. Impact per provided metrics: CVSS 3.1 base score 4.8 (Medium); attack vector Local, user interaction required; confidentiality, int...

PHPGurukul Human Metapneumovirus Testing Management System 安全漏洞

PHPGurukul Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system from PHPGurukul, Inc. A security vulnerability exists in PHPGurukul Human Metapneumovirus Testing Management System v1.0, which originates from a SQL injection vulnerability in the...

CVE-2025-26013

An issue in Loggrove v.1.0 allows a remote attacker to obtain sensitive information via the read.py component...

QR Code Bookmark System 跨站脚本漏洞

QR Code Bookmark System is a QR Code Bookmark System by rems Personal Developer. A cross-site scripting vulnerability exists in version 1.0 of the QR Code Bookmark System, which is caused by a cross-site scripting vulnerability in the name/url parameter of the /endpoint/add-bookmark.php file...

campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a web-based school management system from Campcodes, Inc. A security vulnerability exists in version 1.0 of the campcodes Complete Web-Based School Management System due to an SQL injection vulnerability in the name parameter of the index.p...

Customer Support System 安全漏洞

Customer Support System is a customer support system by oretnom23 Individual Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. A security vulnerability exists in the v1 version of Customer Support System, which...

Web-Based Student Clearance System SQL Injection Vulnerability

Web-Based Student Clearance System is a web-based student clearance system by the individual developer Ndueso Okorie. A SQL injection vulnerability exists in Web-Based Student Clearance System version 1.0, which stems from an incorrect manipulation of the parameter Fullname that can lead to sql...

Online Notice Board System SQL Injection Vulnerability

Online Notice Board System is an online bulletin board system. A SQL injection vulnerability exists in the v1.0 version of Online Notice Board System, which occurs when the dd parameter of the user/updateprofile.php page is processed without filtering the data and sending it to the database for...

Customer Support System Security Breach

Customer Support System is a customer support system by oretnom23 Individual Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. A security vulnerability exists in Customer Support System version 1.0, which stems fr...

AC Repair and Services System SQL注入漏洞

AC Repair and Services System is an air conditioning repair and services system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in AC Repair and Services System version 1.0, which stems from a misuse of the parameter id resulting in sql injection...

Dynamic Transaction Queuing System SQL注入漏洞

Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, an individual developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0. An attacker can exploit this vulnerability to perform a SQL injection attack via...

Food Ordering Management System SQL注入漏洞

Food Ordering Management System is a food ordering management system by Carlo Montero personal developer. It provides an online platform to order food from a restaurant or fast food chain. A security vulnerability exists in Food Ordering Management System v1.0, which was discovered to contain an...

Simple Cold Storage Management System 跨站请求伪造漏洞

Simple Cold Storage Management System is a Simple Cold Storage Management System by Carlo Montero Personal Developer. A security vulnerability exists in Simple Cold Storage Management System version 1.0, which stems from a change in the operation parameter password that could lead to cross-site...

Simple College Website 安全漏洞

Sourcecodester Simple College Website is Sourcecodester an open source application . A content management system. A security vulnerability exists in Simple College Website v1.0 that originates from a vulnerability that allows an attacker to execute arbitrary code via a crafted PHP file...