CVE-2025-14223 code-projects Simple Leave Manager request.php sql injection

A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation of the argument staffid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...

EUVD-2025-201695

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-14255

CVE-2025-14255 relates to Vitals ESP (Galaxy Software Services). Connected sources confirm a SQL Injection vulnerability in Vitals ESP, enabling authenticated remote attackers to inject arbitrary SQL commands to read database contents. The issue is described consistently across Red Hat, NVD, CVE ...

CVE-2025-14255 Galaxy Software Services｜Vitals ESP - SQL Injection

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-14254 Galaxy Software Services｜Vitals ESP - SQL Injection

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-14254 Galaxy Software Services｜Vitals ESP - SQL Injection

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

EUVD-2025-201691

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-14254

CVE-2025-14254 affects Galaxy Software Services’ Vitals ESP. The vulnerability is a SQL Injection in the product, allowing authenticated remote attackers to inject arbitrary SQL to read database contents. Reported across multiple feeds (NVD, Red Hat, CVE lists) with CVSS v3.1 base score 6.5 (MEDI...

CVE-2025-14222 code-projects Employee Profile Management System print_personnel_report.php sql injection

A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /printpersonnelreport.php. This manipulation of the argument perid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

ECHO-DB35-C03E-F270

Bulletin has no description...

CVE-2025-14218

A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has be...

CVE-2025-14218 code-projects Currency Exchange System editotheraccount.php sql injection

A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has be...

CVE-2025-14214 itsourcecode Student Information System section_edit1.php sql injection

A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...

EUVD-2025-201647

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported1 a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being deleted, after all its...

CVE-2025-14212 projectworlds Advanced Library Management System member_search.php sql injection

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...

EUVD-2025-201658

A vulnerability was detected in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /deletebook.php. Performing manipulation of the argument bookid results in sql injection. The attack may be initiated remotely. The exploit ...

CVE-2025-14209

A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /updatequery.php. This manipulation of the argument studid causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and...

CVE-2025-14209 Campcodes School File Management System update_query.php sql injection

A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /updatequery.php. This manipulation of the argument studid causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and...

CVE-2025-14209 Campcodes School File Management System update_query.php sql injection

A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /updatequery.php. This manipulation of the argument studid causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and...

DEBIAN-CVE-2025-40297

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported1 a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being deleted, after all its...