3 matches found
SourceCodester Train Station Ticketing System SQL注入漏洞
SourceCodester Train Station Ticketing System is SourceCodester open source a train station ticketing system. A SQL injection vulnerability exists in SourceCodester Train Station Ticketing System version 1.0, which stems from an incorrect operation of the function saveticket in the file /ajax.php...
CVE-2025-9503 Campcodes Online Loan Management System ajax.php sql injection
A security vulnerability has been detected in Campcodes Online Loan Management System 1.0. Affected is an unknown function of the file /ajax.php?action=saveborrower. The manipulation of the argument lastname leads to sql injection. Remote exploitation of the attack is possible. The exploit has be...
CVE-2020-15712
rConfig 3.9.5 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a crafted request to the ajaxGetFileByPath.php script containing hexadecimal encoded "dot dot" sequences %2f..%2f in the path parameter to view arbitrary files on the system...