76 matches found
PT-2025-38746
Name of the Vulnerable Software and Affected Versions Campcodes Online Beauty Parlor Management System version 1.0 Description A security issue exists in Campcodes Online Beauty Parlor Management System 1.0. The issue involves potential SQL injection due to manipulation of the fromdate/todate...
PHPGurukul Vehicle Parking Management System 注入漏洞
PHPGurukul Vehicle Parking Management System is a parking management system from PHPGurukul. An injection vulnerability exists in PHPGurukul Vehicle Parking Management System version 1.13, which originates from SQL injection due to incorrect operation of the parameter fromdate/todate in the file...
PT-2025-26595 · Brain2 · Brain2
Name of the Vulnerable Software and Affected Versions: BRAIN2 versions 0.0 through 3.05 Description: A script can be integrated into a report on a client with a non-admin user. The reports could later be executed on the BRAIN2 server with administrator rights, potentially allowing for code...
CVE-2025-5554
A vulnerability, which was classified as critical, has been found in PHPGurukul Rail Pass Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/pass-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The...
📄 Campcodes Online Hospital Management System 1.0 SQL Injection
Campcodes Online Hospital Management System version 1.0 suffers from a remote SQL injection vulnerability. Exploit Title: Campcodes Online Hospital Management System 1.0 - SQL Injection Google Dork: N/A Exploit Author: Carine Constantino Vendor Homepage: https://www.campcodes.com Software Link:...
CVE-2023-26774
An issue found in Sales Tracker Management System v.1.0 allows a remote attacker to access sensitive information via sales.php component of the admin/reports endpoint...
CVE-2023-29985
Sourcecodester Student Study Center Desk Management System v1.0 admin\reports\index.phpdatefrom has a SQL Injection vulnerability...
CVE-2020-6114
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS Commit bb274de1751ffb9d09482fd2538f9950a94c510a . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this...
CVE-2025-4151
A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/pass-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated...
CVE-2025-3829
A vulnerability was found in PHPGurukul Men Salon Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/sales-reports-detail.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch the attack...
PHPGurukul Men Salon Management System 注入漏洞
PHPGurukul Men Salon Management System is a men's salon management system from PHPGurukul. An injection vulnerability exists in version 1.0 of the PHPGurukul Men Salon Management System, which originates from a SQL injection due to incorrect manipulation of the parameter fromdate/todate in file...
SourceCodester Online Eyewear Shop SQL注入漏洞
SourceCodester Online Eyewear Shop is a SourceCodester open source online eyewear store website project developed using PHP and MySQL, which provides an online shopping and ordering platform for eyewear business and its potential customers. A SQL injection vulnerability exists in SourceCodester...
CVE-2024-44798
phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting XSS in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters...
CVE-2024-44798
phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting XSS in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters...
CVE-2024-33966
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'xtsearch' in...
CVE-2024-33980
Cross-Site Scripting XSS vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/modreports/printreport.php'...
PayPal,Credit Card and Debit Card Payment SQL注入漏洞
PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe individual developer. A SQL injection vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can use this vulnerability to send a specially crafted quer...
PayPal,Credit Card and Debit Card Payment 跨站脚本漏洞
PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe Personal Developer. A cross-site scripting vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can create a specially crafted URL and send it to a...
PayPal,Credit Card and Debit Card Payment SQL注入漏洞
PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe individual developer. A SQL injection vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can use this vulnerability to send a specially crafted quer...
PT-2024-25613 · Paypal · Paypal
Name of the Vulnerable Software and Affected Versions: PayPal, Credit Card and Debit Card Payment version 1.0 Description: A Cross-Site Scripting XSS issue allows an attacker to create a specially crafted URL and send it to a victim to obtain details of their session cookie via the start paramete...