240 matches found
EUVD-2026-10212
A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. This issue affects some unknown processing of the file /Adminsearch.php. The manipulation of the argument flightno results in sql injection. It is possible to launch the attack remotely. The exploit has been made...
CVE-2026-3705 code-projects Simple Flight Ticket Booking System Adminsearch.php sql injection
A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. This issue affects some unknown processing of the file /Adminsearch.php. The manipulation of the argument flightno results in sql injection. It is possible to launch the attack remotely. The exploit has been made...
PT-2026-23946
Name of the Vulnerable Software and Affected Versions itsourcecode University Management System version 1.0 Description A flaw exists in itsourcecode University Management System 1.0 that allows for SQL injection. The issue is located in the /admin search student.php file, specifically through...
itsourcecode University Management System SQL注入漏洞
itsourcecode University Management System is an open-source university management system developed by itsourcecode. Version 1.0 of itsourcecode University Management System has a SQL injection vulnerability. This vulnerability arises from manipulating the parameters in the file...
CVE-2026-26703
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/advancesearch.php...
CVE-2026-26703
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/advancesearch.php...
CVE-2024-55270
phpgurukul Student Management System 1.0 is vulnerable to SQL Injection in studentms/admin/search.php via the searchdata parameter...
CVE-2024-55270
phpgurukul Student Management System 1.0 is vulnerable to SQL Injection in studentms/admin/search.php via the searchdata parameter...
CVE-2024-55270
phpgurukul Student Management System 1.0 is vulnerable to SQL Injection in studentms/admin/search.php via the searchdata parameter...
CVE-2024-55270
phpgurukul Student Management System 1.0 is vulnerable to SQL Injection in studentms/admin/search.php via the searchdata parameter...
CVE-2024-55270
phpgurukul Student Management System 1.0 is vulnerable to SQL Injection in studentms/admin/search.php via the searchdata parameter...
PHPGurukul Student Management System 安全漏洞
PHPGurukul Student Management System is a student management system developed by PHPGurukul Corporation. Version 1.0 of the phpgurukul Student Management System has a security vulnerability; this vulnerability stems from the searchdata parameter in the studentms/admin/search.php file, which is...
CVE-2024-55270
phpgurukul Student Management System 1.0 is vulnerable to SQL Injection in studentms/admin/search.php via the searchdata parameter...
SourceCodester Online Class Record System SQL注入漏洞
The SourceCodester Online Class Record System is an open-source online classroom recording system developed by SourceCodester. Version 1.0 of the SourceCodester Online Class Record System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “term” ...
CVE-2026-23492
Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, an incomplete SQL injection patch in the Admin Search Find API allows an authenticated attacker to perform blind SQL injection. Although CVE-2023-30848 attempted to mitigate SQL injection by removing SQL...
Pimcore Has an Incomplete Patch for CVE-2023-30848
Summary An incomplete SQL injection patch in the Admin Search Find API allows an authenticated attacker to perform blind SQL injection. Although CVE-2023-30848 attempted to mitigate SQL injection by removing SQL comments -- and catching syntax errors, the fix is insufficient. Attackers can still...
SQL Injection
Overview pimcore/pimcore is a content & product management framework CMS/PIM/E-Commerce. Affected versions of this package are vulnerable to SQL Injection via the fields parameter in the admin search API endpoint. An attacker can access sensitive database information and potentially compromise th...
CVE-2026-23492
Pimcore Admin Search Find API exposes blind SQL injection due to an incomplete patch from CVE-2023-30848. Affected versions: Pimcore before 12.3.1 and before 11.5.14. Attack requires authenticated access to the admin interface and can disclose database information via blind SQL injection, potenti...
CVE-2026-23492 Pimcore has a Blind SQL Injection in Admin Search Find API due to an incomplete fix for CVE-2023-30848
Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, an incomplete SQL injection patch in the Admin Search Find API allows an authenticated attacker to perform blind SQL injection. Although CVE-2023-30848 attempted to mitigate SQL injection by removing SQL...
CVE-2026-23492 Pimcore has a Blind SQL Injection in Admin Search Find API due to an incomplete fix for CVE-2023-30848
Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, an incomplete SQL injection patch in the Admin Search Find API allows an authenticated attacker to perform blind SQL injection. Although CVE-2023-30848 attempted to mitigate SQL injection by removing SQL...