
12 matches found

RedhatCVE
added 2026/03/31 4:59 a.m. | 6 views

CVE-2026-30557

A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addcategory.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

CVSS 5.4 | AI score 6 | EPSS 0.00252
Exploits: 1 | References: 1

CVE
added 2026/03/30 12:0 a.m. | 8 views

CVE-2026-30557

CVE-2026-30557: A reflected XSS vulnerability exists in the open‑source product SourceCodester Sales and Inventory System 1.0. The flaw is in the file add_category.php via the query parameter msg, where input is not properly sanitized, enabling remote attackers to inject arbitrary web script/H...

CVSS 6.1 | AI score 6 | EPSS 0.00252
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2026/03/26 11:39 a.m. | 23 views

CVE-2018-25207 Online Quiz Maker 1.0 SQL Injection via catid Parameter

Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POST requests to quiz-system.php or add-category.php with crafted SQL payloads in POST parameters to...

CVSS 7.1 | EPSS 0.0027
Exploits: 0 | References: 4

OSV
added 2026/02/25 1:16 a.m. | 6 views

CVE-2026-3135

A weakness has been identified in itsourcecode News Portal Project 1.0. The impacted element is an unknown function of the file /admin/add-category.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has been made...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 5

CVE
added 2026/02/25 12:2 a.m. | 13 views

CVE-2026-3135

CVE-2026-3135 affects itsourcecode News Portal Project 1.0. The vulnerable element is an unknown function in /admin/add-category.php where the Category argument can be manipulated to trigger an SQL injection. This allows remote initiation of an attack, and public exploit availability is noted. Mu...

CVSS 9.8 | AI score 5.4 | EPSS 0.00333
Exploits: 1 | References: 5 | Affected Software: 1

RedhatCVE
added 2025/12/20 3:12 p.m. | 13 views

CVE-2025-14952

A vulnerability was detected in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addcategory.php. Performing a manipulation of the argument txtCategoryName results in sql injection. The attack is possible to be carried out remotely. The exploit is now...

CVSS 9.8 | AI score 7.2 | EPSS 0.00371
Exploits: 1 | References: 1

CVE
added 2025/08/15 11:32 a.m. | 21 views

CVE-2025-9050

Projectworlds Travel Management System 1.0 has a SQL injection in /addcategory.php caused by manipulating the t1 parameter. The vulnerability is remote-exploitable and the exploit has been publicly disclosed. Several connected sources confirm the affected file and parameter but do not provide a c...

CVSS 9.8 | AI score 7.6 | EPSS 0.00387
Exploits: 1 | References: 4 | Affected Software: 1

RedhatCVE
added 2025/05/29 5:48 p.m. | 8 views

CVE-2025-5249

A vulnerability has been found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-category.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. T...

CVSS 9.8 | AI score 7.4 | EPSS 0.00415
Exploits: 1 | References: 1

OSV
added 2025/05/27 5:15 p.m. | 5 views

CVE-2025-5249

A vulnerability has been found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-category.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. T...

CVSS 9.8 | AI score 5.8 | EPSS 0.00415
Exploits: 1 | References: 5

CNNVD
added 2025/05/27 12:0 a.m. | 3 views

PHPGurukul News Portal Project Injection Vulnerability

News Portal Project is a news portal project. News Portal Project suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements for the parameter Category in the file /admin/add-category.php. An attacker can exploit this vulnerability ...

CVSS 9.8 | AI score 7.8 | EPSS 0.00415
Exploits: 1 | References: 6

CNNVD
added 2025/05/15 12:0 a.m. | 3 views

PHPGurukul Vehicle Parking Management System Injection Vulnerability

PHPGurukul Vehicle Parking Management System is a parking management system from PHPGurukul. An injection vulnerability exists in PHPGurukul Vehicle Parking Management System version 1.13, which results from SQL injection due to incorrect manipulation of the parameter catename in the file...

CVSS 9.8 | AI score 7.7 | EPSS 0.00421
Exploits: 1 | References: 5

OSV
added 2025/04/20 12:15 p.m. | 3 views

CVE-2025-3825

A vulnerability, which was classified as problematic, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected by this issue is some unknown functionality of the file add-category.php. The manipulation of the argument txtcategoryname leads to cross site scriptin...

CVSS 4.1 | AI score 4 | EPSS 0.00324
Exploits: 1 | References: 4