EUVD-2026-0874

A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This vulnerability affects unknown code of the file app/user/login.php of the component User Login. The manipulation of the argument emailadd results in sql injection. The attack may be launched remotely...

CVE-2026-0583

CVE-2026-0583 affects code-projects Online Product Reservation System 1.0, specifically the file app/user/login.php in the User Login component. The vulnerability arises from manipulation of the parameter emailadd , leading to a SQL injection . The impact is documented as remote exploitation with...

CVE-2026-0582

The CVE pertains to itsourcecode Society Management System 1.0. A SQL injection vulnerability exists in the file /admin/edit_activity_query.php triggered by manipulating the Title parameter, with exploitation described as remote and publicly available. Affected component/file: /admin/edit_activit...

CVE-2025-15238

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-15239

CVE-2025-15239 concerns the QOCA aim AI Medical Cloud Platform from Quanta Computer. The connected sources confirm a SQL Injection vulnerability that enables authenticated remote attackers to inject arbitrary SQL commands to read database contents. The available metrics indicate CVSS v3.1 base sc...

EUVD-2026-0901

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-15238 Quanta Computer｜QOCA aim AI Medical Cloud Platform - SQL Injection

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-15447

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor mentioned in the original disclosure filed a report that this issue affects a different...

PT-2026-1333

Name of the Vulnerable Software and Affected Versions code-projects Online Music Site version 1.0 Description A security issue exists in code-projects Online Music Site 1.0 related to SQL injection. The issue is present in the /login.php file and involves manipulation of the username and password...

Pervasive Vulnerability Analysis and Defense for QKD-Based Quantum Private Query

Quantum Private Query QPQ based on Quantum Key Distribution QKD is among the most practically viable quantum communication protocols, with application value second only to QKD itself. However, prevalent security vulnerabilities in the post-processing stages of most existing QKD-based QPQ protocol...

Quanta QOCA aim AI Medical Cloud Platform SQL注入漏洞

Quanta QOCA aim AI Medical Cloud Platform is an artificial intelligence AI medical cloud computing integration platform from Quanta Taiwan, China that provides comprehensive AI model development tools, covering the entire process from AI development to clinical applications. The Quanta QOCA aim A...

WordPress plugin Premium SEO Pack SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injectio...

Code-Projects Online Music Site 安全漏洞

Code-Projects Online Music Site is an online music site from Code-Projects open source. A security vulnerability exists in Code-Projects Online Music Site version 1.0, which stems from incorrect manipulation of the parameters username/password in the file /login.php, and could lead to a SQL...

Code-Projects Online Music Site SQL注入漏洞

Code-Projects Online Music Site is an open source online music site by Code-Projects. A SQL injection vulnerability exists in Code-Projects Online Music Site version 1.0, which stems from incorrect manipulation of the parameter ID in the file /FrontEnd/Albums.php, which could lead to a SQL...

PT-2026-1277

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description A flaw exists in the Online Product Reservation System that allows for remote manipulation. The issue stems from a SQL injection point within the POST Parameter Handler,...

PT-2026-1286

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description A security flaw exists in the User Registration Handler component of code-projects Online Product Reservation System version 1.0. The issue involves a SQL injection that c...

PT-2026-1227

Name of the Vulnerable Software and Affected Versions QOCA aim AI Medical Cloud Platform affected versions not specified Description The QOCA aim AI Medical Cloud Platform, developed by Quanta Computer, contains a SQL Injection flaw. This allows authenticated remote attackers to inject arbitrary...

PT-2026-1278

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description A flaw exists in code-projects Online Product Reservation System 1.0 that allows for SQL injection. The issue is located in an unknown function within the...

CVE-2025-15447

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor mentioned in the original disclosure filed a report that this issue affects a different vendor. The research...

EUVD-2026-0775

A vulnerability was found in code-projects Online Product Reservation System 1.0. This affects an unknown part of the file /handgunner-administrator/edit.php of the component POST Parameter Handler. The manipulation of the argument prodid/name/price/model/serial results in sql injection. The atta...