Lucene search
K

435 matches found

Cvelist
Cvelist
added 2026/07/05 4:30 p.m.38 views

CVE-2026-14764 code-projects Hotel and Tourism Reservation Event Management add_event.php sql injection

A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. This impacts an unknown function of the file /admin/addevent.php of the component Event Management Page. Such manipulation of the argument fdetails leads to sql injection. The attack can be launched remotely. The...

7.5CVSS0.00269EPSS
Exploits0References6
NVD
NVD
added 2026/07/05 3:16 p.m.9 views

CVE-2026-14756

A vulnerability was found in code-projects Hotel and Tourism Reservation 1.0. Affected by this issue is some unknown functionality of the file /admin/addtour.php of the component Tour Management Page. The manipulation of the argument deleteimage results in sql injection. The attack may be launche...

7.5CVSS0.00269EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/05 2:30 p.m.9 views

EUVD-2026-41763

A vulnerability was found in code-projects Hotel and Tourism Reservation 1.0. Affected by this issue is some unknown functionality of the file /admin/addtour.php of the component Tour Management Page. The manipulation of the argument deleteimage results in sql injection. The attack may be launche...

7.5CVSS6.7AI score0.00269EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/05 2:0 p.m.9 views

EUVD-2026-41760

A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. Affected is an unknown function of the file /admin/addroom.php. Executing a manipulation of the argument deleteimage/edit/description/number/price/rooms/type can lead to sql injection. The attack can be launched remotely. T...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.12 views

PT-2026-55804

Name of the Vulnerable Software and Affected Versions code-projects Hotel and Tourism Reservation version 1.0 Description An issue exists in the Tour Management Page component within the '/admin/add tour.php' endpoint. Remote attackers can perform a SQL injection by manipulating the delete image...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.10 views

PT-2026-55814

Name of the Vulnerable Software and Affected Versions code-projects Hotel and Tourism Reservation version 1.0 Description An issue exists in the Event Management Page component within the file /admin/add event.php. Remote manipulation of the fdetails argument allows for SQL injection, a technique...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.12 views

PT-2026-55800

Name of the Vulnerable Software and Affected Versions code-projects Hotel and Tourism Reservation version 1.0 Description A remote SQL injection flaw exists in the /admin/add room.php endpoint. The issue occurs when manipulating the delete image, edit, description, number, price, rooms, or type...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/06/08 11:30 a.m.12 views

CVE-2026-11510

A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/addleave.php. Performing a manipulation of the argument typeofleave results in sql injection. It is possible to initiate the attack remotely. The exploit has been released...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/08 11:30 a.m.14 views

EUVD-2026-35050

A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/addleave.php. Performing a manipulation of the argument typeofleave results in sql injection. It is possible to initiate the attack remotely. The exploit has been released...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
CVE
CVE
added 2026/06/08 11:30 a.m.26 views

CVE-2026-11510

CVE-2026-11510 affects CodeAstro Leave Management System 1.0. The vulnerability resides in an unknown area of the file /admin/add_leave.php, where manipulating the argument type_of_leave leads to an SQL injection. The issue can be exploited remotely, and public exploit activity is noted. The CVSS...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.14 views

PT-2026-47273

A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/add leave.php. Performing a manipulation of the argument type of leave results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS6.5AI score0.002EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.15 views

PT-2026-45407

A weakness has been identified in itsourcecode Content Management System 1.0. Impacted is an unknown function of the file /admin/add sub topic.php. This manipulation of the argument topic id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made availab...

6.5CVSS5.7AI score0.002EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/05/28 8:13 p.m.12 views

CVE-2026-9542

A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/addstaff.php. Executing a manipulation of the argument emailid can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:0 p.m.9 views

CVE-2026-9542

A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/addstaff.php. Executing a manipulation of the argument emailid can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/26 12:0 p.m.13 views

EUVD-2026-31815

A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/addstaff.php. Executing a manipulation of the argument emailid can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/17 3:31 p.m.7 views

EUVD-2026-23426

A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects some unknown processing of the file admin/addteacher.php of the component Background Management Page. The manipulation of the argument image results in unrestricted upload. The...

6.5CVSS6.1AI score0.00257EPSS
Exploits0References5
NVD
NVD
added 2026/04/09 5:16 a.m.6 views

CVE-2026-5839

A vulnerability was identified in PHPGurukul News Portal Project 4.1. This issue affects some unknown processing of the file /admin/add-subcategory.php. Such manipulation of the argument sucatdescription leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

5.8CVSS0.00202EPSS
Exploits0References5
CVE
CVE
added 2026/04/09 3:30 a.m.12 views

CVE-2026-5838

The CVE concerns PHPGurukul News Portal Project 4.1. A vulnerability exists in unknown code of the file /admin/add-subadmins.php where manipulation of the argument sadminusername leads to SQL injection. The attack may be initiated remotely, and the exploit has been publicly disclosed and may be u...

5.8CVSS5.8AI score0.00202EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.11 views

PHPGurukul News Portal Project SQL注入漏洞

PHPGurukul News Portal Project is a news portal project of PHPGurukul Corporation. Version 4.1 of the PHPGurukul News Portal Project has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter sucatdescription in the file admin/add-subcategory.php, which...

5.8CVSS5.8AI score0.00202EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/07 10:51 a.m.8 views

CVE-2026-5643

A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...

4.8CVSS4.3AI score0.00206EPSS
Exploits0References1
Rows per page
Query Builder