
82199 matches found

Positive Technologies
added 2025/12/22 12:0 a.m., 5 views

PT-2025-52626

Name of the Vulnerable Software and Affected Versions: Ragic Enterprise Cloud Database (affected versions not specified). Description: The Ragic Enterprise Cloud Database contains a hard-coded cryptographic key issue. This allows unauthenticated remote attackers to exploit the fixed key to generate...

9.8 CVSS, 6.9 AI score, 0.0045 EPSS
Exploits 0, References 13

CNNVD
added 2025/12/22 12:0 a.m., 3 views

Centreon security vulnerability

Centreon is a set of open source system monitoring tools from the French company Centreon. The product provides monitoring capabilities for network, system and application resources. A security vulnerability exists in Centreon version 24.10.0 up to and including version 24.10.5, version 24.04.0 ...

7.2 CVSS, 7.6 AI score, 0.00264 EPSS
Exploits 0, References 2

CNNVD
added 2025/12/22 12:0 a.m., 5 views

webTareas SQL injection vulnerability

webTareas is a web-based open source collaboration tool for luiswang individual developers. The product supports features such as project management, bug tracking, content management and meeting management. A SQL injection vulnerability exists in webTareas version 2.4, which stems from an SQL...

9.3 CVSS, 7.7 AI score, 0.0037 EPSS
Exploits 1, References 4

CNVD
added 2025/12/22 12:0 a.m., 2 views

SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Divine Vision Han Technology Co., Ltd (CNVD-C-2025-1134083)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

5.9 AI score
Exploits 0

CNNVD
added 2025/12/22 12:0 a.m., 3 views

Code-Projects Simple Stock System SQL injection vulnerability

Code-Projects Simple Stock System is a Code-Projects open source simple stock system. Code-Projects Simple Stock System version 1.0 suffers from a SQL injection vulnerability that stems from a misuse of the parameter uname in file /logout.php, which could lead to a SQL injection attack...

9.8 CVSS, 7.8 AI score, 0.00322 EPSS
Exploits 1, References 6

Positive Technologies
added 2025/12/22 12:0 a.m., 5 views

PT-2025-52712

Name of the Vulnerable Software and Affected Versions: Atom CMS version 2.0. Description: Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the id...

9.3 CVSS, 7.9 AI score, 0.00405 EPSS
Exploits 1, References 11

Positive Technologies
added 2025/12/22 12:0 a.m., 3 views

PT-2025-52623

Name of the Vulnerable Software and Affected Versions: Simple Stock System version 1.0. Description: A SQL injection issue exists in Simple Stock System 1.0. The issue is due to the manipulation of the uname argument in the /logout.php file. This allows for remote execution of attacks. The exploit h...

9.8 CVSS, 7.3 AI score, 0.00322 EPSS
Exploits 1, References 11

Vulnrichment
added 2025/12/21 11:32 p.m., 4 views

CVE-2025-15003 SeaCMS admin_video.php sql injection

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file admin_video.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

5.8 CVSS, 5 AI score, 0.00313 EPSS
Exploits 1, References 4

ATTACKERKB
added 2025/12/21 11:32 p.m., 2 views

CVE-2025-15003

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file admin_video.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

7.2 CVSS, 5.4 AI score, 0.00313 EPSS
Exploits 1, References 4

OSV
added 2025/12/21 11:15 p.m., 4 views

CVE-2025-15002

A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to...

9.8 CVSS, 5.7 AI score
Exploits 0, References 4

RedhatCVE
added 2025/12/21 10:10 p.m., 9 views

CVE-2024-58308

Quick.CMS 6.7 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating the login form. Attackers can inject specific SQL payloads like ' or '1'='1 to gain unauthorized administrative access to the system...

9.8 CVSS, 8.5 AI score, 0.00612 EPSS
Exploits 1, References 1

RedhatCVE
added 2025/12/21 4:12 a.m., 7 views

CVE-2025-14168

The WP DB Booster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing nonce validation on the cleanupall AJAX action. This makes it possible for unauthenticated attackers to delete database records including post...

4.3 CVSS, 5.4 AI score, 0.00126 EPSS
Exploits 0, References 1

ATTACKERKB
added 2025/12/21 3:2 a.m., 1 views

CVE-2025-14990

A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing a manipulation of the argument viewid results in sql injection. The attack may be initiated remotely. The explo...

9.8 CVSS, 5.4 AI score, 0.00326 EPSS
Exploits 1, References 5, Affected Software 1

Cvelist
added 2025/12/21 3:2 a.m., 17 views

CVE-2025-14990 Campcodes Complete Online Beauty Parlor Management System view-appointment.php sql injection

A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing a manipulation of the argument viewid results in sql injection. The attack may be initiated remotely. The explo...

7.5 CVSS, 0.00326 EPSS
Exploits 1, References 5

EUVD
added 2025/12/21 12:30 a.m., 3 views

EUVD-2025-204647

A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/search-invoices.php. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit is publicly available and...

7.5 CVSS, 7.2 AI score, 0.00326 EPSS
Exploits 1, References 6

CNNVD
added 2025/12/21 12:0 a.m., 3 views

CampCodes Complete Online Beauty Parlor Management System SQL injection vulnerability

Complete Online Beauty Parlor Management System is an online beauty parlor management system. Complete Online Beauty Parlor Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the file...

9.8 CVSS, 7.2 AI score, 0.00326 EPSS
Exploits 1, References 6

CNNVD
added 2025/12/21 12:0 a.m., 3 views

SeaCMS SQL injection vulnerability

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A SQL injection vulnerability exists in SeaCMS 13.3 and earlier versions, which stems from the mishandling of the parameter page/limit b...

9.8 CVSS, 7.8 AI score, 0.00388 EPSS
Exploits 1, References 5

Positive Technologies
added 2025/12/21 12:0 a.m., 2 views

PT-2025-52613

Name of the Vulnerable Software and Affected Versions: SeaCMS versions prior to 13.4. Description: A flaw exists in SeaCMS that allows for SQL injection. The issue is located in an unknown function within the js/player/dmplayer/dmku/class/mysqli.class.php file. Manipulation of the page/limit argumen...

9.8 CVSS, 7 AI score, 0.00388 EPSS
Exploits 1, References 12

Vulnrichment
added 2025/12/20 11:32 p.m., 1 views

CVE-2025-14989 Campcodes Complete Online Beauty Parlor Management System search-invoices.php sql injection

A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/search-invoices.php. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit is publicly available and...

7.5 CVSS, 7.3 AI score, 0.00326 EPSS
Exploits 1, References 5

Cvelist
added 2025/12/20 11:32 p.m., 18 views

CVE-2025-14989 Campcodes Complete Online Beauty Parlor Management System search-invoices.php sql injection

A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/search-invoices.php. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit is publicly available and...

7.5 CVSS, 0.00326 EPSS
Exploits 1, References 5