608 matches found
Code-Projects Intern Membership Management System 注入漏洞
Code-Projects Intern Membership Management System is a Code-Projects open source intern membership management system. Code-Projects Intern Membership Management System version 1.0 suffers from an injection vulnerability, which originates from a SQL injection due to incorrect operation of the...
CVE-2025-8382
A vulnerability, which was classified as critical, was found in Campcodes Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/editroom.php. The manipulation of the argument roomid leads to sql injection. It is possible to launch the attack remotely. The exploit...
CampCodes Online Hotel Reservation System 代码问题漏洞
CampCodes Online Hotel Reservation System is an online hotel reservation system from CampCodes Philippines. A code issue vulnerability exists in version 1.0 of the Campcodes Online Hotel Reservation System, which stems from the incorrect operation of the parameter photo in the file...
CampCodes Online Hotel Reservation System 注入漏洞
CampCodes Online Hotel Reservation System is an online hotel reservation system from CampCodes Philippines. An injection vulnerability exists in Campcodes Online Hotel Reservation System version 1.0, which originates from a SQL injection due to incorrect manipulation of the parameter roomid in th...
CVE-2025-8236
A vulnerability was found in code-projects Online Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/editproduct.php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. The exploit has...
Code-Projects Online Ordering System 注入漏洞
Code-Projects Online Ordering System is a Code-Projects open source online ordering system. An injection vulnerability exists in Code-Projects Online Ordering System version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter Name in the file...
Code-Projects Church Donation System 代码注入漏洞
Code-Projects Church Donation System is an open source church donation system by Code-Projects. A code injection vulnerability exists in Code-Projects Church Donation System version 1.0, which originates from cross-site scripting due to misbehavior of the parameter fname in the file...
CVE-2025-7767
A vulnerability, which was classified as problematic, has been found in PHPGurukul Art Gallery Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/edit-art-medium-detail.php. The manipulation of the argument artmed leads to cross site scripting. The atta...
CVE-2025-7755
A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/editproduct.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The explo...
Code-Projects Online Ordering System 代码问题漏洞
Online Ordering System is an online ordering system. A file upload vulnerability exists in Online Ordering System that stems from a lack of valid validation of uploaded files by the parameter image in the file /admin/editproduct.php. No details of the vulnerability are available at this time...
PHPGurukul Old Age Home Management System 安全漏洞
PHPGurukul Old Age Home Management System is a nursing home management system from PHPGurukul, Inc. A security vulnerability exists in version 1.0 of the PHPGurukul Old Age Home Management System, which originates from a SQL injection due to incorrect manipulation of the parameter sertitle in the...
CVE-2025-6842
A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edituser.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...
PHPGurukul Local Services Search Engine Management System 注入漏洞
Local Services Search Engine Management System is a local services search engine management system. Local Services Search Engine Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of the editid parameter in the file...
Simple Online Hotel Reservation System edit_room.php File SQL Injection Vulnerability
Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter roomtype in the file...
Art Gallery Management System edit-art-medium-detail.php File SQL Injection Vulnerability
Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of an externally-entered SQL statement in the parameter editid in the file /admin/edit-art-medium-detail.php. A...
itsourcecode Employee Management System 注入漏洞
itsourcecode Employee Management System is itsourcecode open source employee management system. An injection vulnerability exists in itsourcecode Employee Management System version 1.0, which stems from improper handling of the parameter FirstName in the file /admin/editempprofile.php, which can...
CVE-2025-6419
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/editroom.php. The manipulation of the argument roomtype leads to sql injection. It is possible to initiate the attack remotely...
Code-Projects Simple Online Hotel Reservation System 注入漏洞
Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter roomtype in the file...
GHSA-J7P2-87Q3-44W7 XWiki does not require right warnings for notification displayer objects
Impact When a user without script right creates a document with an XWiki.Notifications.Code.NotificationDisplayerClass object, and later an admin edits and saves that document, the possibly malicious content of that object is output as raw HTML, allowing XSS attacks. While the notification...
GHSA-FF6V-W58F-V97W XWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right
Impact When a user without script right creates a document with an XWiki.Notifications.Code.NotificationEmailRendererClass object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No malicious code can be executed, though, as whi...