Lucene search
K

608 matches found

CNNVD
CNNVD
added 2025/08/03 12:0 a.m.7 views

Code-Projects Intern Membership Management System 注入漏洞

Code-Projects Intern Membership Management System is a Code-Projects open source intern membership management system. Code-Projects Intern Membership Management System version 1.0 suffers from an injection vulnerability, which originates from a SQL injection due to incorrect operation of the...

9.8CVSS7.8AI score0.00453EPSS
Exploits1References6
OSV
OSV
added 2025/07/31 12:15 p.m.5 views

CVE-2025-8382

A vulnerability, which was classified as critical, was found in Campcodes Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/editroom.php. The manipulation of the argument roomid leads to sql injection. It is possible to launch the attack remotely. The exploit...

8.8CVSS5.7AI score0.00439EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.3 views

CampCodes Online Hotel Reservation System 代码问题漏洞

CampCodes Online Hotel Reservation System is an online hotel reservation system from CampCodes Philippines. A code issue vulnerability exists in version 1.0 of the Campcodes Online Hotel Reservation System, which stems from the incorrect operation of the parameter photo in the file...

7.2CVSS5.2AI score0.00452EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.3 views

CampCodes Online Hotel Reservation System 注入漏洞

CampCodes Online Hotel Reservation System is an online hotel reservation system from CampCodes Philippines. An injection vulnerability exists in Campcodes Online Hotel Reservation System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter roomid in th...

8.8CVSS6.8AI score0.00439EPSS
Exploits1References5
OSV
OSV
added 2025/07/27 6:15 p.m.3 views

CVE-2025-8236

A vulnerability was found in code-projects Online Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/editproduct.php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. The exploit has...

9.8CVSS5.8AI score0.00498EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/07/27 12:0 a.m.3 views

Code-Projects Online Ordering System 注入漏洞

Code-Projects Online Ordering System is a Code-Projects open source online ordering system. An injection vulnerability exists in Code-Projects Online Ordering System version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter Name in the file...

9.8CVSS7.7AI score0.00498EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/07/25 12:0 a.m.6 views

Code-Projects Church Donation System 代码注入漏洞

Code-Projects Church Donation System is an open source church donation system by Code-Projects. A code injection vulnerability exists in Code-Projects Church Donation System version 1.0, which originates from cross-site scripting due to misbehavior of the parameter fname in the file...

5.4CVSS4.9AI score0.00311EPSS
Exploits1References6
OSV
OSV
added 2025/07/18 1:15 a.m.4 views

CVE-2025-7767

A vulnerability, which was classified as problematic, has been found in PHPGurukul Art Gallery Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/edit-art-medium-detail.php. The manipulation of the argument artmed leads to cross site scripting. The atta...

5.4CVSS3.8AI score0.00234EPSS
Exploits1References5
OSV
OSV
added 2025/07/17 9:15 p.m.4 views

CVE-2025-7755

A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/editproduct.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The explo...

8.8CVSS5.5AI score0.00397EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/07/17 12:0 a.m.3 views

Code-Projects Online Ordering System 代码问题漏洞

Online Ordering System is an online ordering system. A file upload vulnerability exists in Online Ordering System that stems from a lack of valid validation of uploaded files by the parameter image in the file /admin/editproduct.php. No details of the vulnerability are available at this time...

8.8CVSS6.6AI score0.00397EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/06/30 12:0 a.m.4 views

PHPGurukul Old Age Home Management System 安全漏洞

PHPGurukul Old Age Home Management System is a nursing home management system from PHPGurukul, Inc. A security vulnerability exists in version 1.0 of the PHPGurukul Old Age Home Management System, which originates from a SQL injection due to incorrect manipulation of the parameter sertitle in the...

8.8CVSS6.8AI score0.00341EPSS
Exploits1References6
OSV
OSV
added 2025/06/29 4:15 a.m.7 views

CVE-2025-6842

A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edituser.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

7.2CVSS5.8AI score0.0033EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/06/29 12:0 a.m.2 views

PHPGurukul Local Services Search Engine Management System 注入漏洞

Local Services Search Engine Management System is a local services search engine management system. Local Services Search Engine Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of the editid parameter in the file...

9.8CVSS7.8AI score0.00399EPSS
Exploits1References6
CNVD
CNVD
added 2025/06/27 12:0 a.m.1 views

Simple Online Hotel Reservation System edit_room.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter roomtype in the file...

9.8CVSS8.3AI score0.00448EPSS
Exploits1References1
CNVD
CNVD
added 2025/06/27 12:0 a.m.2 views

Art Gallery Management System edit-art-medium-detail.php File SQL Injection Vulnerability

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of an externally-entered SQL statement in the parameter editid in the file /admin/edit-art-medium-detail.php. A...

8.8CVSS8.2AI score0.00361EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/06/25 12:0 a.m.4 views

itsourcecode Employee Management System 注入漏洞

itsourcecode Employee Management System is itsourcecode open source employee management system. An injection vulnerability exists in itsourcecode Employee Management System version 1.0, which stems from improper handling of the parameter FirstName in the file /admin/editempprofile.php, which can...

7.2CVSS5.7AI score0.0033EPSS
Exploits1References6
OSV
OSV
added 2025/06/21 9:15 p.m.4 views

CVE-2025-6419

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/editroom.php. The manipulation of the argument roomtype leads to sql injection. It is possible to initiate the attack remotely...

9.8CVSS5.8AI score
Exploits0References5
CNNVD
CNNVD
added 2025/06/21 12:0 a.m.1 views

Code-Projects Simple Online Hotel Reservation System 注入漏洞

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter roomtype in the file...

9.8CVSS7.9AI score0.00448EPSS
Exploits1References6
OSV
OSV
added 2025/06/13 8:45 p.m.5 views

GHSA-J7P2-87Q3-44W7 XWiki does not require right warnings for notification displayer objects

Impact When a user without script right creates a document with an XWiki.Notifications.Code.NotificationDisplayerClass object, and later an admin edits and saves that document, the possibly malicious content of that object is output as raw HTML, allowing XSS attacks. While the notification...

6.4CVSS6.2AI score0.00352EPSS
Exploits1References5
OSV
OSV
added 2025/06/13 8:41 p.m.5 views

GHSA-FF6V-W58F-V97W XWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right

Impact When a user without script right creates a document with an XWiki.Notifications.Code.NotificationEmailRendererClass object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No malicious code can be executed, though, as whi...

5.1CVSS7.2AI score0.00223EPSS
Exploits1References5
Rows per page
Query Builder