EUVD-2026-25991

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function Login of the file /admin/ajax.php?action=login. The manipulation of the argument e-mail results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

CVE-2025-70866

LavaLite CMS 10.1.0 is vulnerable to Incorrect Access Control. An authenticated user with low-level privileges User role can directly access the admin backend by logging in through /admin/login. The vulnerability exists because the admin and user authentication guards share the same user provider...

CVE-2025-70866

LavaLite CMS 10.1.0 is vulnerable to Incorrect Access Control. An authenticated user with low-level privileges User role can directly access the admin backend by logging in through /admin/login. The vulnerability exists because the admin and user authentication guards share the same user provider...

CVE-2025-70866

LavaLite CMS 10.1.0 is vulnerable to Incorrect Access Control. An authenticated user with low-level privileges User role can directly access the admin backend by logging in through /admin/login. The vulnerability exists because the admin and user authentication guards share the same user provider...

CampCodes Advanced Online Voting Management System SQL注入漏洞

CampCodes Advanced Online Voting Management System is an advanced online voting management system from CampCodes Philippines, Inc. A SQL injection vulnerability exists in CampCodes Advanced Online Voting Management System version 1.0, which stems from an incorrect manipulation of the parameter...

Hostel Management System login.php File SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter email in the file /justines/admin/login.php. An attacker can use this...

CVE-2025-10062

A vulnerability was determined in itsourcecode Student Information Management System 1.0. This affects an unknown part of the file /admin/login.php. Executing manipulation of the argument uname can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed...

itsourcecode Student Information Management System SQL注入漏洞

itsourcecode Student Information Management System is itsourcecode open source student information management system. SQL injection vulnerability exists in itsourcecode Student Information Management System version 1.0, the vulnerability stems from incorrect manipulation of the parameter uname in...

CVE-2025-8952

A vulnerability was found in Campcodes Online Flight Booking Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be...

CVE-2025-8952 Campcodes Online Flight Booking Management System Login ajax.php sql injection

A vulnerability was found in Campcodes Online Flight Booking Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be...

CVE-2025-8741 macrozheng mall login cleartext transmission

A vulnerability was found in macrozheng mall up to 1.0.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/login. The manipulation leads to cleartext transmission of sensitive information. The attack can be launched remotely. The...

CVE-2025-8741

CVE-2025-8741 concerns macrozheng mall up to version 1.0.3. The vulnerability affects an unknown functionality of the /admin/login URL and leads to cleartext transmission of sensitive information. It can be exploited remotely with high attack complexity and without user interaction. Exploit detai...

CVE-2025-3351

A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotel...

1000 Projects Attendance Tracking Management System 注入漏洞

1000 Projects Attendance Tracking Management System is an open source attendance management system from 1000 Projects. An injection vulnerability exists in 1000 Projects Attendance Tracking Management System version 1.0, which originates from the parameter adminusername in the file...

CVE-2024-1927

A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file /Admin/login.php. The manipulation of the argument txtpassword leads to sql injection. The attack can be launched...

PT-2024-16018 · Sourcecodester · Sourcecodester Employee Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Employee Management System version 1.0 Description: A critical issue affects some unknown functionality of the file /Admin/login.php. The manipulation of the txtusername argument leads to sql injection. The attack can be launch...

Pharmacy Point Of Sale System SQL注入漏洞

Pharmacy Point Of Sale System is a web-based application by Carlo Montero, an individual developer. It is used to help a pharmacy manage its sales transactions. A SQL injection vulnerability exists in Pharmacy Point of Sale System version 1.0, which can be exploited via the useremail parameter in...

CVE-2019-6243

Frog CMS 0.9.5 allows XSS via the forgot password page aka the /admin/?/login/forgot URI...

Multiple Xss exploits in Chipmunk Board

Subject: Multiple Xss exploits in Chipmunk Board Date: 27 May 2006 10:51:30 -0000 Multiple Xss exploits in Chipmunk Board forum type : Chipmunk Board bug found by : black-code&sweet-devil team : site-down type : Xss black-code: codes :...