CVE-2026-10558

SourceCodester Pizzafy Ecommerce System 1.0 has a remote file inclusion in /admin/index.php caused by manipulating the page parameter. The vulnerability affects an unknown function and can be exploited remotely; the exploit is publicly available. CVSS metrics in the sources show MEDIUM severity (...

PT-2026-29221

A vulnerability was determined in code-projects Student Membership System 1.0. The impacted element is an unknown function of the file /admin/index.php of the component Admin Login. This manipulation of the argument username/password causes sql injection. Remote exploitation of the attack is...

CVE-2026-3042 itsourcecode Event Management System index.php sql injection

A vulnerability was detected in itsourcecode Event Management System 1.0. The affected element is an unknown function of the file /admin/index.php. Performing a manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit is now public a...

PT-2026-5424

Name of the Vulnerable Software and Affected Versions itsourcecode Directory Management System version 1.0 Description A security issue exists in itsourcecode Directory Management System. The issue involves SQL injection, triggered by manipulating the Username argument. This can be initiated...

CVE-2025-13561

This CVE concerns SourceCodester Company Website CMS 1.0. The vulnerability exists in the /admin/index.php code where manipulation of the Username parameter enables SQL injection. Remote exploitation is possible, and public exploit disclosure is noted. Multiple connected sources corroborate the i...

SourceCodester Company Website CMS SQL注入漏洞

SourceCodester Company Website CMS is a SourceCodester open source content management system. A SQL injection vulnerability exists in SourceCodester Company Website CMS version 1.0, which originates from the incorrect operation of the parameter Username in the file /admin/index.php, which may lea...

CVE-2025-12336

A vulnerability was identified in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this issue is some unknown functionality of the file /admin/adminindex.php. Such manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit is...

Sergestec Exito 跨站脚本漏洞

Sergestec Exito is a sales platform from Sergestec, Inc. A cross-site scripting vulnerability exists in Sergestec Exito version v8.0, which stems from insufficient validation of user input for the parameter obs in the file /admin/index.php, which could lead to a stored cross-site scripting attack...

EUVD-2006-6703

Malware in sbrugna...

EUVD-2022-38888

Malicious code in bioql PyPI...

EUVD-2025-29740

Malicious code in bioql PyPI...

EUVD-2021-27841

Malicious code in bioql PyPI...

itsourcecode Open Source Job Portal SQL注入漏洞

itsourcecode Open Source Job Portal is an enterprise portal site of itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Open Source Job Portal, which stems from incorrect manipulation of the parameter ID in the file /admin/employee/index.php, which could...

CVE-2025-10601 SourceCodester Online Exam Form Submission index.php sql injection

A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. Affected is an unknown function of the file /admin/index.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...

CVE-2025-10482

SourceCodester Online Student File Management System 1.0 is affected by a SQL injection in /admin/index.php where manipulating the Username parameter enables remote exploitation. The vulnerability stems from an input handling issue in an unknown function, leading to potential disclosure/modificat...

CVE-2025-9920

CVE-2025-9920 affects Campcodes Recruitment Management System 1.0. The vulnerability is a remote file inclusion via the include of /admin/index.php, triggered by manipulating the page parameter. Several sources describe exploitation being publicly released and feasible remotely. Practical impact ...

CVE-2025-8166

A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php of the component HTTP POST Request Handler. The manipulation of the argument Username leads to sql injection. It is possible to...

CVE-2025-6447

A vulnerability, which was classified as critical, was found in code-projects Simple Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. T...

Code-Projects Simple Online Hotel Reservation System 注入漏洞

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in the file...

Code-Projects Client Details System 注入漏洞

Client Details System is a client information system. Client Details System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in file /clientdetails/admin/index.php. An attacker can exploit this...