Lucene search
K

76 matches found

Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.8 views

PT-2025-38746

Name of the Vulnerable Software and Affected Versions Campcodes Online Beauty Parlor Management System version 1.0 Description A security issue exists in Campcodes Online Beauty Parlor Management System 1.0. The issue involves potential SQL injection due to manipulation of the fromdate/todate...

8.8CVSS6.4AI score0.00351EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/07/13 12:0 a.m.5 views

PHPGurukul Vehicle Parking Management System 注入漏洞

PHPGurukul Vehicle Parking Management System is a parking management system from PHPGurukul. An injection vulnerability exists in PHPGurukul Vehicle Parking Management System version 1.13, which originates from SQL injection due to incorrect operation of the parameter fromdate/todate in the file...

8.8CVSS6.9AI score0.00318EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/06/23 12:0 a.m.5 views

PT-2025-26595 · Brain2 · Brain2

Name of the Vulnerable Software and Affected Versions: BRAIN2 versions 0.0 through 3.05 Description: A script can be integrated into a report on a client with a non-admin user. The reports could later be executed on the BRAIN2 server with administrator rights, potentially allowing for code...

10CVSS6.9AI score0.00465EPSS
Exploits0References7
OSV
OSV
added 2025/06/04 3:15 a.m.6 views

CVE-2025-5554

A vulnerability, which was classified as critical, has been found in PHPGurukul Rail Pass Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/pass-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The...

8.8CVSS5.8AI score0.00325EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2025/05/29 12:0 a.m.83 views

📄 Campcodes Online Hospital Management System 1.0 SQL Injection

Campcodes Online Hospital Management System version 1.0 suffers from a remote SQL injection vulnerability. Exploit Title: Campcodes Online Hospital Management System 1.0 - SQL Injection Google Dork: N/A Exploit Author: Carine Constantino Vendor Homepage: https://www.campcodes.com Software Link:...

9.8CVSS8.5AI score0.00758EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/05/23 5:38 a.m.4 views

CVE-2023-26774

An issue found in Sales Tracker Management System v.1.0 allows a remote attacker to access sensitive information via sales.php component of the admin/reports endpoint...

7.5CVSS6.6AI score0.01431EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:31 a.m.1 views

CVE-2023-29985

Sourcecodester Student Study Center Desk Management System v1.0 admin\reports\index.phpdatefrom has a SQL Injection vulnerability...

9.8CVSS8AI score0.00877EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 p.m.10 views

CVE-2020-6114

An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS Commit bb274de1751ffb9d09482fd2538f9950a94c510a . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this...

7.2CVSS7.9AI score0.01727EPSS
Exploits1References1
OSV
OSV
added 2025/05/01 6:15 a.m.3 views

CVE-2025-4151

A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/pass-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated...

9.8CVSS5.8AI score
Exploits0References5
OSV
OSV
added 2025/04/20 4:15 p.m.3 views

CVE-2025-3829

A vulnerability was found in PHPGurukul Men Salon Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/sales-reports-detail.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch the attack...

9.8CVSS5.8AI score0.00537EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/04/20 12:0 a.m.5 views

PHPGurukul Men Salon Management System 注入漏洞

PHPGurukul Men Salon Management System is a men's salon management system from PHPGurukul. An injection vulnerability exists in version 1.0 of the PHPGurukul Men Salon Management System, which originates from a SQL injection due to incorrect manipulation of the parameter fromdate/todate in file...

9.8CVSS7.7AI score0.00537EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.4 views

SourceCodester Online Eyewear Shop SQL注入漏洞

SourceCodester Online Eyewear Shop is a SourceCodester open source online eyewear store website project developed using PHP and MySQL, which provides an online shopping and ordering platform for eyewear business and its potential customers. A SQL injection vulnerability exists in SourceCodester...

9.8CVSS7.1AI score0.00501EPSS
Exploits1References6
OSV
OSV
added 2024/09/13 4:15 p.m.3 views

CVE-2024-44798

phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting XSS in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters...

4.8CVSS5.8AI score0.00309EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/13 12:0 a.m.11 views

CVE-2024-44798

phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting XSS in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters...

6.2AI score0.00309EPSS
Exploits1References1
OSV
OSV
added 2024/08/06 12:15 p.m.5 views

CVE-2024-33966

SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'xtsearch' in...

7.5CVSS5.8AI score0.00454EPSS
Exploits0References1
OSV
OSV
added 2024/08/06 11:16 a.m.6 views

CVE-2024-33980

Cross-Site Scripting XSS vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/modreports/printreport.php'...

6.1CVSS5.8AI score0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.5 views

PayPal,Credit Card and Debit Card Payment SQL注入漏洞

PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe individual developer. A SQL injection vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can use this vulnerability to send a specially crafted quer...

9.8CVSS7.5AI score0.00454EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.5 views

PayPal,Credit Card and Debit Card Payment 跨站脚本漏洞

PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe Personal Developer. A cross-site scripting vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can create a specially crafted URL and send it to a...

7.1CVSS6.1AI score0.00267EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.5 views

PayPal,Credit Card and Debit Card Payment SQL注入漏洞

PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe individual developer. A SQL injection vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can use this vulnerability to send a specially crafted quer...

9.8CVSS7.5AI score0.00461EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.5 views

PT-2024-25613 · Paypal · Paypal

Name of the Vulnerable Software and Affected Versions: PayPal, Credit Card and Debit Card Payment version 1.0 Description: A Cross-Site Scripting XSS issue allows an attacker to create a specially crafted URL and send it to a victim to obtain details of their session cookie via the start paramete...

7.1CVSS5.9AI score0.00267EPSS
Exploits0References5
Rows per page
Query Builder