45 matches found
Code-Projects Online Bidding System SQL注入漏洞
Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /administrator/bidlist.php. An attacker can exploit this vulnerability...
PT-2025-39729
Name of the Vulnerable Software and Affected Versions code-projects Online Bidding System version 1.0 Description A flaw exists in code-projects Online Bidding System version 1.0 that allows for SQL injection. Manipulation of the ID argument in the file '/administrator/bidlist.php' can trigger th...
Online Bidding System bidupdate.php File SQL Injection Vulnerability
Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of file /administrator/bidupdate.php. An attacker can exploit this vulnerability t...
Online Bidding System remove.php File SQL Injection Vulnerability
Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter ID of the file /administrator/remove.php. An attacker can exploit this vulnerability ...
Online Bidding System weweee.php File SQL Injection Vulnerability
Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from insufficient validation of the parameter ID in the file /administrator/weweee.php. An attacker can use this vulnerability to obtain sensitive information from t...
Code-Projects Online Bidding System SQL注入漏洞
Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID in the file /administrator/wew.php. An attacker can exploit this vulnerability to...
CVE-2025-10795 code-projects Online Bidding System bidupdate.php sql injection
A vulnerability has been found in code-projects Online Bidding System 1.0. This affects an unknown part of the file /administrator/bidupdate.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...
CVE-2025-10791
CVE-2025-10791 affects code-projects Online Bidding System 1.0. The vulnerability is a SQL injection in the file /administrator/index.php, caused by manipulation of the aduser parameter. It is described as exploitable remotely and the exploit has been publicly available. Multiple connected source...
CVE-2025-10791 code-projects Online Bidding System index.php sql injection
A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available t...
Online Bidding System showprod.php File SQL Injection Vulnerability
Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /showprod.php. An attacker can exploit this vulnerability to execute...
Code-Projects Online Bidding System 注入漏洞
Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of file /details.php. An attacker can exploit this vulnerability to execute illega...
Code-Projects Online Bidding System 注入漏洞
Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID in the file /bidnow.php. An attacker can exploit this vulnerability to execute...
CVE-2024-7911
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /simple-online-bidding-system/bidding/index.php. The manipulation of the argument page leads to file inclusion. It is possible to initiate the...
CVE-2024-7911 SourceCodester Simple Online Bidding System index.php file inclusion
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /simple-online-bidding-system/bidding/index.php. The manipulation of the argument page leads to file inclusion. It is possible to initiate the...
CVE-2024-7799
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-system/bidding/admin/users.php. The manipulation leads to improper authorization. The attack may be...
CVE-2024-7798
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/bidding/admin/ajax.php?action=login2. The manipulation of the argument username lead...
CVE-2024-7797
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. Affected is an unknown function of the file /simple-online-bidding-system/bidding/admin/ajax.php?action=login. The manipulation of the argument username leads to sql injection. It is...
Simple Online Bidding System SQL注入漏洞
Simple Online Bidding System is an online bidding system by oretnom23 individual developer. A SQL injection vulnerability exists in Simple Online Bidding System version 1.0, which stems from an incorrect manipulation of the parameter id that can lead to sql injection...
Simple Online Bidding System SQL注入漏洞
Simple Online Bidding System is an online bidding system by oretnom23 individual developer. A SQL injection vulnerability exists in Simple Online Bidding System version 1.0, which stems from an incorrect manipulation of the parameter username that can lead to sql injection...
PT-2024-38591 · Unknown · Sourcecodester Simple Online Bidding System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Online Bidding System version 1.0 Description: A critical vulnerability has been found in the software, affecting an unknown part of the file /simple-online-bidding-system/bidding/admin/ajax.php?action=delete product. Th...