82171 matches found

RedhatCVE
added 2025/12/14 10:4 a.m., 10 views

CVE-2025-14587

A vulnerability was identified in itsourcecode Online Pet Shop Management System 1.0. This affects an unknown part of the file /pet1/available.php. Such manipulation of the argument Name leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be us...

9.8 CVSS, 7 AI score, 0.00333 EPSS
Exploits: 1, References: 1
CVE
added 2025/12/14 9:32 a.m., 11 views

CVE-2025-14653

CVE-2025-14653 affects itsourcecode Student Management System 1.0. The vulnerability is in an unknown function of /addrecord.php where manipulation of the ID parameter enables SQL injection. Remote exploitation is possible and exploits have been publicly disclosed. Documents consistently describe...

9.8 CVSS, 6.6 AI score, 0.00333 EPSS
Exploits: 1, References: 5, Affected Software: 1
EUVD
added 2025/12/14 9:30 a.m., 4 views

EUVD-2025-203289

A weakness has been identified in code-projects Computer Book Store 1.0. Affected is an unknown function of the file /admindelete.php. This manipulation of the argument bookisbn causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public...

7.5 CVSS, 6.5 AI score, 0.00333 EPSS
Exploits: 1, References: 6
EUVD
added 2025/12/14 9:30 a.m., 3 views

EUVD-2025-203291

A flaw has been found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown part of the file /cakeshop/product.php. Executing manipulation of the argument Product can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

7.5 CVSS, 6.4 AI score, 0.00345 EPSS
Exploits: 1, References: 6
NVD
added 2025/12/14 8:15 a.m., 3 views

CVE-2025-14650

A flaw has been found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown part of the file /cakeshop/product.php. Executing manipulation of the argument Product can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

9.8 CVSS, 0.00345 EPSS
Exploits: 1, References: 5
Vulnrichment
added 2025/12/14 8:2 a.m., 3 views

CVE-2025-14650 itsourcecode Online Cake Ordering System product.php sql injection

A flaw has been found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown part of the file /cakeshop/product.php. Executing manipulation of the argument Product can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

7.5 CVSS, 6.6 AI score, 0.00345 EPSS
Exploits: 1, References: 5
RedhatCVE
added 2025/12/14 7:59 a.m., 6 views

CVE-2025-10289

The Filter & Grids plugin for WordPress is vulnerable to SQL Injection via the 'phrase' parameter in all versions up to, and including, 3.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

5.9 CVSS, 6.7 AI score, 0.00244 EPSS
Exploits: 0, References: 1
CVE
added 2025/12/14 6:2 a.m., 19 views

CVE-2025-14646

The CVE-2025-14646 entry describes a SQL injection in code-projects Student File Management System 1.0, triggered by manipulating the stud_id parameter in /admin/delete_student.php. Connected documents (CNVD-2026-00828, RH:CVE-2025-14646, CNNVD-202512-2597, VULNRICHMENT/CVE-2025-14646, PT-2025-51...

9.8 CVSS, 6.5 AI score, 0.00357 EPSS
Exploits: 1, References: 6, Affected Software: 1
Cvelist
added 2025/12/14 6:2 a.m., 20 views

CVE-2025-14646 code-projects Student File Management System delete_student.php sql injection

A security flaw has been discovered in code-projects Student File Management System 1.0. This impacts an unknown function of the file /admin/delete_student.php. The manipulation of the argument stud_id results in sql injection. The attack may be performed from remote. The exploit has been released ...

7.5 CVSS, 0.00357 EPSS
Exploits: 1, References: 6
Cvelist
added 2025/12/14 5:32 a.m., 22 views

CVE-2025-14645 code-projects Student File Management System delete_user.php sql injection

A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown function of the file /admin/delete_user.php. The manipulation of the argument userid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

7.5 CVSS, 0.00357 EPSS
Exploits: 1, References: 6
NVD
added 2025/12/14 5:15 a.m., 3 views

CVE-2025-13126

The wpForo Forum plugin for WordPress is vulnerable to generic SQL Injection via the postargs and topicargs parameters in all versions up to, and including, 2.4.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes ...

7.5 CVSS, 0.00322 EPSS
Exploits: 0, References: 5
OSV
added 2025/12/14 4:15 a.m., 4 views

CVE-2025-67896

Exim before 4.99.1, with certain non-default rate-limit configurations, allows a remote heap-based buffer overflow because database records are cast directly to internal structures without validation...

9.8 CVSS, 7.3 AI score
Exploits: 0, References: 5
RedhatCVE
added 2025/12/14 4:6 a.m., 3 views

CVE-2025-14477

The 404 Solution plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This is due to improper sanitization of the filterText paramet...

4.9 CVSS, 7 AI score, 0.00308 EPSS
Exploits: 0, References: 1
Cvelist
added 2025/12/14 3:32 a.m., 22 views

CVE-2025-14644 itsourcecode Student Management System update_subject.php sql injection

A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /update_subject.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclos...

7.5 CVSS, 0.00333 EPSS
Exploits: 1, References: 5
EUVD
added 2025/12/14 3:30 a.m., 4 views

EUVD-2025-203273

A vulnerability was detected in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /uprec.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used...

7.5 CVSS, 7.3 AI score, 0.00333 EPSS
Exploits: 1, References: 6
Huntr
added 2025/12/14 3:18 a.m., 5 views

Unsafe Pickle Deserialization in apache-airflow-providers-http leading to RCE via HttpOperator

A High severity Unsafe Deserialization vulnerability exists in the airflow.providers.http package. The HttpOperator uses pickle.loads to deserialize untrusted data received from the Triggerer service via the database in the execute_complete method. This allows an attacker who has gained write acce...

6.4 AI score
Exploits: 0
OSV
added 2025/12/14 2:15 a.m., 3 views

CVE-2025-14640

A flaw has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /admin/savestudent.php. Executing manipulation of the argument studno can lead to sql injection. The attack may be launched remotely. The exploit has been published a...

9.8 CVSS, 5.8 AI score, 0.00357 EPSS
Exploits: 1, References: 6
OSV
added 2025/12/14 2:15 a.m., 3 views

CVE-2025-14639

A vulnerability was detected in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /uprec.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used...

9.8 CVSS, 5.8 AI score, 0.00333 EPSS
Exploits: 1, References: 5
Vulnrichment
added 2025/12/14 12:32 a.m., 2 views

CVE-2025-14638 itsourcecode Online Pet Shop Management System update_cnp.php sql injection

A security vulnerability has been detected in itsourcecode Online Pet Shop Management System 1.0. This issue affects some unknown processing of the file /pet1/update_cnp.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been...

7.5 CVSS, 6.8 AI score, 0.00333 EPSS
Exploits: 1, References: 5
Positive Technologies
added 2025/12/14 12:0 a.m., 4 views

PT-2025-51139

Name of the Vulnerable Software and Affected Versions: Code-Projects Student File Management System version 1.0. Description: A flaw exists in Code-Projects Student File Management System version 1.0 that allows for SQL injection. Manipulation of the stud no argument in the /admin/save student.php...

9.8 CVSS, 7.5 AI score, 0.00357 EPSS
Exploits: 1, References: 12