53 matches found
CVE-2023-49985
A cross-site scripting XSS vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter...
Simple Food Ordering System addcategory.php file cross-site scripting vulnerability
Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter cname in the file /addcategory.php, which can be exploite...
CVE-2025-12300
A weakness has been identified in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname causes cross site scripting. The attack can be initiated remotely. The exploit has been made available ...
CVE-2025-12300
A weakness has been identified in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname causes cross site scripting. The attack can be initiated remotely. The exploit has been made available ...
CVE-2025-12300
A weakness has been identified in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname causes cross site scripting. The attack can be initiated remotely. The exploit has been made available ...
CVE-2025-12300
The CVE-2025-12300 entry concerns code-projects Simple Food Ordering System 1.0. A cross-site scripting vulnerability exists in the /addcategory.php handler via the cname parameter, originating from insufficient input filtering/escaping. Exploitation is remote and public in some reports. Affected...
Code-Projects Simple Food Ordering System 代码注入漏洞
Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter cname in the file /addcategory.php, which can be exploite...
PT-2025-43994
Name of the Vulnerable Software and Affected Versions Simple Food Ordering System version 1.0 Description A weakness exists in the processing of the /addcategory.php file. Manipulation of the cname argument can lead to cross site scripting. The attack can be initiated remotely. The exploit has be...
Simple Food Ordering System editcategory.php File SQL Injection Vulnerability
Simple Food Ordering System is a simple food ordering system. The Simple Food Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cname in the file editcategory.php. An attacker can exploit th...
Simple Food Ordering System /addcategory.php File SQL Injection Vulnerability
Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter cname in the file /addcategory.php. An attacker can use this...
CVE-2025-11613
A vulnerability was found in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file /addcategory.php. The manipulation of the argument cname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2025-11613 code-projects Simple Food Ordering System addcategory.php sql injection
A vulnerability was found in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file /addcategory.php. The manipulation of the argument cname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...
EUVD-2025-33862
A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...
CVE-2025-11600 code-projects Simple Food Ordering System editcategory.php sql injection
A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...
CVE-2025-11600 code-projects Simple Food Ordering System editcategory.php sql injection
A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...
Code-Projects Simple Food Ordering System SQL注入漏洞
Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter cname in the file /addcategory.php. An attacker can use this...
PT-2025-41699
Name of the Vulnerable Software and Affected Versions Simple Food Ordering System version 1.0 Description A flaw exists in Simple Food Ordering System 1.0, specifically within the /addcategory.php file. Manipulation of the cname argument can lead to SQL injection. This issue is remotely...
Code-Projects Simple Food Ordering System SQL注入漏洞
Simple Food Ordering System is a simple food ordering system. The Simple Food Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cname in the file editcategory.php. An attacker can exploit th...
CVE-2025-10597
A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This vulnerability affects unknown code of the file /Profilers/PriProfile/COUNT2.php. This manipulation of the argument cname causes sql injection. The attack may be initiated remotely...
CVE-2025-10597 kidaze CourseSelectionSystem COUNT2.php sql injection
A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This vulnerability affects unknown code of the file /Profilers/PriProfile/COUNT2.php. This manipulation of the argument cname causes sql injection. The attack may be initiated remotely...