CVE-2026-39110

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...

CVE-2026-39110

The CVE-2026-39110 entry concerns the Apartment Visitors Management System (Version 1.1). A SQL Injection flaw exists in the forgot-password.php page, specifically in the contactno parameter, allowing an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...

CVE-2026-39110

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...

Online Shopping Portal login.php File SQL Injection Vulnerability

Online Shopping Portal is an online store system. A SQL injection vulnerability exists in Online Shopping Portal due to a lack of validation of externally-entered SQL statements for the fullname, emailid, and contactno parameters in login.php. An attacker can exploit this vulnerability to execute...

CVE-2024-44660

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php...

CVE-2024-44660

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php...

PHPGurukul Online Shopping Portal 安全漏洞

Online Shopping Portal is an online store system. A SQL injection vulnerability exists in Online Shopping Portal due to a lack of validation of externally-entered SQL statements for the fullname, emailid, and contactno parameters in login.php. An attacker can exploit this vulnerability to execute...

PT-2025-47197

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Shopping Portal version 2.0 Description The PHPGurukul Online Shopping Portal version 2.0 is susceptible to SQL Injection. This issue affects the login.php file and specifically involves the fullname, emailid, and contactno...

CVE-2024-44660

The CVE-2024-44660 entry concerns PHPGurukul Online Shopping Portal 2.0 with a SQL Injection in login.php, exploitable via the fullname, emailid, and contactno parameters. Root cause: lack of input validation/parameterized queries allows arbitrary SQL to be executed against the backend database. ...

EUVD-2025-26526

Malicious code in bioql PyPI...

CVE-2025-57147

A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The vulnerability is due to lack of input validation of multiple parameters including fullname, email, and contactno in user/registration.php...

CVE-2024-53603

A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter...

Apartment Visitors Management System contactno Parameter SQL Injection Vulnerability

Apartment Visitors Management System is an apartment visitor management system. The Apartment Visitors Management System suffers from a SQL injection vulnerability that stems from a lack of validation of the contactno parameter against externally entered SQL statements. An attacker can use this...

PHPGurukul Apartment Visitors Management System 注入漏洞

Apartment Visitors Management System is an apartment visitor management system. The Apartment Visitors Management System suffers from a SQL injection vulnerability that stems from a lack of validation of the contactno parameter against externally entered SQL statements. An attacker can use this...

CVE-2025-25389

A SQL Injection vulnerability was found in /admin/forgot-password.php in Phpgurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter...

CVE-2025-25389

A SQL Injection vulnerability was found in /admin/forgot-password.php in Phpgurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter...

PT-2025-7089 · Unknown · Phpgurukul Land Record System

Name of the Vulnerable Software and Affected Versions: Phpgurukul Land Record System version 1.0 Description: A SQL Injection issue was found in the /admin/forgot-password.php endpoint, allowing remote attackers to execute arbitrary code via the contactno POST request parameter. This enables...

CVE-2025-25389

CVE-2025-25389 is a SQL Injection vulnerability in Phpgurukul Land Record System v1.0, exploitable via the /admin/forgot-password.php endpoint and the contactno POST parameter. The issue allows remote attackers to execute arbitrary code and has a CVSSv3.1 base score of 9.8 (CRITICAL) with network...

CVE-2024-53603

A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter...

CVE-2024-42918

itsourcecode Online Accreditation Management System contains a Cross Site Scripting vulnerability, which allows an attacker to execute arbitrary code via a crafted payload to the SCHOOLNAME, EMAILADDRES, CONTACTNO, COMPANYNAME and COMPANYCONTACTNO parameters in controller.php...