EUVD-2026-34063

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

CVE-2018-25195

Wecodex Hotel CMS 1.0 contains an SQL injection vulnerability in the admin login functionality that allows unauthenticated attackers to bypass authentication by injecting SQL code. Attackers can submit malicious SQL payloads through the username parameter in POST requests to index.php with...

CVE-2026-2087

A flaw has been found in SourceCodester Online Class Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. This manipulation of the argument useremail causes sql injection. The attack may be initiated remotely. The exploit has been published and may...

CVE-2026-2087

A flaw has been found in SourceCodester Online Class Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. This manipulation of the argument useremail causes sql injection. The attack may be initiated remotely. The exploit has been published and may...

CVE-2025-12208

SourceCodester Best House Rental Management System 1.0 is affected by a SQL injection in the login2 function of /admin_class.php, caused by improper handling of the Username argument. The vulnerability allows remote exploitation, and public proof-of-concept exploits exist. Red Hat/EUVD/NVD refere...

CVE-2025-11118

A vulnerability was identified in CodeAstro Student Grading System 1.0. This issue affects some unknown processing of the file /adminLogin.php. Such manipulation of the argument staffId leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be...

CVE-2025-11422

A vulnerability has been found in Campcodes Advanced Online Voting Management System 1.0. The impacted element is an unknown function of the file /admin/login.php. Such manipulation of the argument Username leads to sql injection. The attack can be executed remotely. The exploit has been disclose...

EUVD-2006-6901

Malware in sbrugna...

EUVD-2007-6630

Malware in sbrugna...

EUVD-2008-5773

Malware in sbrugna...

EUVD-2008-6680

Malware in sbrugna...

CVE-2025-11118

The CVE-2025-11118 entry affects CodeAstro Student Grading System 1.0. A flaw in handling the staffId parameter in /adminLogin.php allows SQL injection, with remote exploitation and public proof-of-concept exploits. Impact is indicated as high in multiple sources, including NVD metrics; exploitat...

CVE-2025-54336

In Plesk Obsidian 18.0.70, isAdminPasswordValid uses an == comparison. Thus, if the correct password is "0e" followed by any digit string, then an attacker can login with any other string that evaluates to 0.0 such as the 0e0 string. This occurs in admin/plib/LoginManager.php...

CVE-2025-54336

CVE-2025-54336 (Plesk Obsidian 18.0.70) is a vulnerability where _isAdminPasswordValid uses a weak == comparison in admin/plib/LoginManager.php, enabling authentication bypass if the correct password has the form "0e" followed by digits. This can let an attacker log in with strings evaluating to ...

CVE-2025-8742

CVE-2025-8742 affects macrozheng mall 1.0.3, specifically the Admin Login component. The root cause is improper restriction of excessive authentication attempts, enabling remote exploitation. Documents note the attack requires high complexity and that exploitation is difficult, with vendor not re...

CVE-2024-12663 funnyzpc Mee-Admin Login login observable response discrepancy

A vulnerability classified as problematic was found in funnyzpc Mee-Admin up to 1.6. This vulnerability affects unknown code of the file /mee/login of the component Login. The manipulation of the argument username leads to observable response discrepancy. The attack can be initiated remotely. The...

Project Worlds Student Project Allocation System Security Vulnerability

Project Worlds Student Project Allocation System is a student project allocation system from Project Worlds. A security vulnerability exists in Project Worlds Student Project Allocation System version 1.0, which stems from the parameter msg in the file adminlogin.php that can lead to cross-site...

CVE-2023-23155

Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the username parameter in the Admin Login...

Sql injection

Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the username parameter in the Admin Login...

CVE-2022-24131

DouPHP v1.6 Release 20220121 is affected by Cross Site Scripting XSS through /admin/login.php in the background, which will lead to JavaScript code execution...