Google Cloud Looker 安全漏洞

Google Cloud Looker is an online tool from Google USA for converting data into customizable information-rich reports and dashboards. A security vulnerability exists in Google Cloud Looker that stems from insufficient parameter filtering in the IBM DB2 driver, which could lead to the execution of...

Austrian Academy of Sciences OpenAtlas 安全漏洞

Austrian Academy of Sciences OpenAtlas is a database application dealing with archaeology and history organized by the Austrian Academy of Sciences in Austria. A security vulnerability exists in Austrian Academy of Sciences OpenAtlas versions prior to 8.12.0, which stems from a reflected cross-si...

CVE-2025-56401

ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName...

PT-2025-47918

Name of the Vulnerable Software and Affected Versions Apache Syncope versions prior to 3.0.15 Apache Syncope versions prior to 4.0.3 Description Apache Syncope, when configured to use AES encryption for storing user passwords in its internal database, utilizes a hard-coded default key. This allow...

COVID Tracking System SQL Injection Vulnerability

The COVID Tracking System is a new crown pneumonia tracking system. The COVID Tracking System suffers from a SQL injection vulnerability that stems from the /admin/?page=state file not securely filtering the ID parameter. The vulnerability can be exploited by an attacker to illegally obtain...

PT-2025-47890

A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack traces to the client...

CVE-2025-13572

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /deleteadmin.php. The manipulation of the argument adminid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...

CVE-2025-13572

The CVE-2025-13572 entry affects projectworlds Advanced Library Management System 1.0, with a vulnerability in the /delete_admin.php path where manipulating the admin_id parameter enables SQL injection. Remote exploitation is possible and an exploit is publicly available. Several sources corrobor...

CVE-2025-13571

A vulnerability was determined in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /listorder.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been publicly...

CVE-2025-13570

A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=state. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been made publ...

CVE-2025-13571

CVE-2025-13571 affects Code-Projects Simple Food Ordering System 1.0, with a SQL injection vulnerability in /listorder.php triggered by manipulating the ID parameter. The issue is remotely exploitable, and public exploit information is cited in the initial data. Connected sources corroborate the ...

CVE-2025-13570 itsourcecode COVID Tracking System page sql injection

A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=state. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been made publ...

EUVD-2025-198580

A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability affects unknown code of the file /admin/index.php. This manipulation of the argument Username causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed a...

EUVD-2025-198574

A flaw has been found in Campcodes Online Polling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checklogin.php. Executing manipulation of the argument myusername can lead to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-13557

A vulnerability has been found in Campcodes Online Polling System 1.0. Affected by this issue is some unknown functionality of the file /registeracc.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the publ...

CVE-2025-13560

A vulnerability was found in SourceCodester Company Website CMS 1.0. This affects an unknown part of the file /admin/reset-password.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used...

EUVD-2025-198566

A vulnerability was detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this issue is some unknown functionality of the file /results.php of the component Search. The manipulation of the argument userquery results in sql injection. The attack can be...

CVE-2025-13545 ashraf-kabir travel-agency index.php sql injection

A security vulnerability has been detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this vulnerability is an unknown functionality of the file /adminarea/index.php. The manipulation of the argument editpack leads to sql injection. The attack can be...

SQL-INJECTION

SQL-INJECTION SQL Injection SQLi Demonstration Pro...

CampCodes Online Polling System SQL注入漏洞

CampCodes Online Polling System is an online polling system from CampCodes Philippines. A SQL injection vulnerability exists in CampCodes Online Polling System version 1.0, which stems from an incorrect manipulation of the parameter myusername in the file /admin/checklogin.php, which may lead to...