Lucene search
K

177 matches found

CNVD
CNVD
added 2025/06/27 12:0 a.m.3 views

Simple Online Hotel Reservation System delete_room.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter roomid in the file...

9.8CVSS8.3AI score0.00394EPSS
Exploits1References1
OSV
OSV
added 2025/06/22 2:15 a.m.6 views

CVE-2025-6451

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/deletepending.php. The manipulation of the argument transactionid leads to sql injection. The attack can be initiated...

9.8CVSS5.7AI score0.00394EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/05/26 12:0 a.m.5 views

Projectworlds Responsive E-Learning System 安全漏洞

Projectworlds Responsive E-Learning System is a responsive e-learning system from Projectworlds India. A security vulnerability exists in Projectworlds Responsive E-Learning System version 1.0, which stems from SQL injection due to incorrect manipulation of the parameter ID in the file...

9.8CVSS7.8AI score0.00412EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:42 a.m.4 views

CVE-2024-37848

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...

8.4CVSS8.5AI score0.00238EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:18 p.m.8 views

CVE-2021-32008

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Improper Limitation of a Pathname to restricted directory, allows logged in GateManager admin to delete system Files or Directories...

9.9CVSS6.9AI score0.00981EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/17 12:0 a.m.5 views

SourceCodester Doctors Appointment System 注入漏洞

SourceCodester Doctors Appointment System is SourceCodester open source a doctor appointment system. An injection vulnerability exists in SourceCodester Doctors Appointment System version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter ID in the file...

9.8CVSS7.8AI score0.00421EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/05/17 12:0 a.m.4 views

SourceCodester Doctors Appointment System 注入漏洞

SourceCodester Doctors Appointment System is SourceCodester open source a doctor appointment system. An injection vulnerability exists in SourceCodester Doctors Appointment System version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter ID in the file...

9.8CVSS7.7AI score0.00421EPSS
Exploits1References7
OSV
OSV
added 2025/04/13 12:15 p.m.2 views

CVE-2025-3536

A vulnerability was found in Tutorials-Website Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/delete-user.php. The manipulation of the argument ID leads to improper authorization. The attack may be launched...

6.9CVSS6.2AI score0.00617EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/02/06 12:0 a.m.5 views

PT-2025-5882 · Codeastro · Codeastro Complaint Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Complaint Management System version 1.0 Description: The issue concerns incorrect access control in the endpoint "/admin/m delete.php" that allows unauthorized attackers to delete complaints arbitrarily by modifying the id parameter...

7.5CVSS6.6AI score0.00666EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/01/09 12:0 a.m.4 views

PT-2025-3835 · Code Projects · Cinema Seat Reservation System

Name of the Vulnerable Software and Affected Versions: code-projects Cinema Seat Reservation System version 1.0 Description: A critical issue has been found in the Cinema Seat Reservation System. It affects an unknown functionality of the file /admin/deleteBooking.php. The manipulation of the id...

9.8CVSS7.8AI score0.00627EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.6 views

Code-Projects Chat System 安全漏洞

Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that originates from a SQL injection in the parameter id of the /admin/deleteuser.php file. An attacker can exploit this vulnerability to obtain sensitive information...

7.5CVSS7.7AI score0.00437EPSS
Exploits1References5
OSV
OSV
added 2024/12/09 7:15 p.m.3 views

CVE-2024-54934

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteclass.php...

9.8CVSS5.8AI score0.00496EPSS
Exploits1References1
OSV
OSV
added 2024/12/09 7:15 p.m.6 views

CVE-2024-54931

A SQL Injection was found in /admin/deleteevent.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...

9.8CVSS6.1AI score0.00583EPSS
Exploits1References1
OSV
OSV
added 2024/12/09 7:15 p.m.3 views

CVE-2024-54928

kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteteacher.php,...

7.2CVSS5.8AI score0.00475EPSS
Exploits1References1
OSV
OSV
added 2024/12/09 2:15 p.m.3 views

CVE-2024-54929

KASHIPARA E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deletesubject.php...

7.2CVSS5.8AI score0.00493EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.5 views

PT-2024-36448 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-Learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete student.php endpoint. This vulnerability allows for potential exploitation. Recommendations: For Kashipara...

9.8CVSS7.5AI score0.00479EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from an SQL injection vulnerability in /admin/deleteclass.php...

9.8CVSS7.9AI score0.00496EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.7 views

PT-2024-36449 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL Injection issue was found in the /admin/delete event.php endpoint, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized database access via the...

9.8CVSS8.7AI score0.00583EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.3 views

PT-2024-36447 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete subject.php endpoint. This vulnerability allows for potential exploitation by injecting malicious SQL code...

7.2CVSS7.6AI score0.00493EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36451 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete content.php endpoint. This vulnerability allows for potential exploitation by injecting malicious SQL code...

9.8CVSS7.5AI score0.00479EPSS
Exploits1References5
Rows per page
Query Builder