9 matches found
CVE-2025-14230
A vulnerability was detected in code-projects Daily Time Recording System 4.5.0. The impacted element is an unknown function of the file /admin/addpayroll.php. Performing manipulation of the argument detailId results in sql injection. The attack can be initiated remotely. The exploit is now publi...
CVE-2025-14230 code-projects Daily Time Recording System add_payroll.php sql injection
A vulnerability was detected in code-projects Daily Time Recording System 4.5.0. The impacted element is an unknown function of the file /admin/addpayroll.php. Performing manipulation of the argument detailId results in sql injection. The attack can be initiated remotely. The exploit is now publi...
CVE-2025-41019 SQL injection vulnerability in Sergestec's Exito
SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'id' parameter in '/index.php?view=ticketdetail'...
CVE-2025-41019 SQL injection vulnerability in Sergestec's Exito
SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'id' parameter in '/index.php?view=ticketdetail'...
Modern Bag product-detail.php file SQL Injection Vulnerability
Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter ID in the file /product-detail.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal S...
Code-Projects Modern Bag 注入漏洞
Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter ID in the file /product-detail.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal S...
CVE-2020-36003
The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases...
OSV-2020-190 Use-of-uninitialized-value in file_vprintf
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20729 Crash type: Use-of-uninitialized-value Crash state: filevprintf fileprintf filebuffer...
CVE-2017-17635
MLM Forex Market Plan Script 2.0.4 has SQL Injection via the newsdetail.php newid parameter or the eventdetail.php eventid parameter...