CVE-2026-37591

Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/viewdetails.php...

CVE-2026-36946

CVE-2026-36946 affects Sourcecodester Computer and Mobile Repair Shop Management System v1.0. The vulnerability is an SQL injection in the file /rsms/admin/inquiries/view_details.php. The CVSS v3.1 data in the sources indicates: Network attack vector, low confidentiality impact, no integrity/avai...

CVE-2026-5837

A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the extractToolResultMediaPaths process. An attacker can access and exfiltrate sensitive files from the system's temporary directory or other allowed local roots b...

CVE-2025-14991 Campcodes Complete Online Beauty Parlor Management System bwdates-reports-details.php cross site scripting

A weakness has been identified in Campcodes Complete Online Beauty Parlor Management System 1.0. The affected element is an unknown function of the file /admin/bwdates-reports-details.php. Executing a manipulation of the argument fromdate can lead to cross site scripting. The attack may be launch...

Online Complaint Site /cms/users/complaint-details.php File SQL Injection Vulnerability

Online Complaint Site is an online complaint site. Online Complaint Site suffers from a SQL injection vulnerability that originates from improperly filtered SQL statements submitted in the /cms/users/complaint-details.php file, which can be exploited by an attacker to obtain sensitive data and mo...

CVE-2025-11516

A weakness has been identified in code-projects Online Complaint Site 1.0. Impacted is an unknown function of the file /cms/users/complaint-details.php. Executing manipulation of the argument cid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made...

Online Fire Reporting System 跨站脚本漏洞

Online Fire Reporting System is an online fire reporting system developed by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in Online Fire Reporting System version 1.2, which stems from insufficient validation of inputs for the parameters mark, status, and...

CVE-2025-9690

A flaw has been found in SourceCodester Advanced School Management System 1.0. This affects an unknown function of the file /index.php/stock/vendordetails. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be us...

PT-2025-35360

Name of the Vulnerable Software and Affected Versions: SourceCodester Advanced School Management System version 1.0 Description: A flaw exists in SourceCodester Advanced School Management System 1.0 that allows for SQL injection. The issue is located in the file /index.php/stock/vendordetails,...

CVE-2025-8987

A vulnerability was identified in SourceCodester COVID 19 Testing Management System 1.0. This affects an unknown part of the file /test-details.php. The manipulation of the argument remark leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

PHPGurukul Online DJ Booking Management System 安全漏洞

PHPGurukul Online DJ Booking Management System is an online DJ booking management system from PHPGurukul Inc. A security vulnerability exists in version 2.0 of the PHPGurukul Online DJ Booking Management System due to an insecure direct object reference in odms/request-details.php...

CVE-2025-5246

A vulnerability classified as critical was found in Campcodes Online Hospital Management System 1.0. This vulnerability affects unknown code of the file /hms/admin/query-details.php. The manipulation of the argument adminremark leads to sql injection. The attack can be initiated remotely. The...

CampCodes Online Hospital Management System 安全漏洞

CampCodes Online Hospital Management System is an online hospital management system from CampCodes, Inc. A security vulnerability exists in CampCodes Online Hospital Management System version 1.0, which is caused by a SQL injection due to an incorrect manipulation of the parameter adminremark in...

CVE-2025-3981

A vulnerability, which was classified as problematic, has been found in wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System 1.0. This issue affects some unknown processing of the file /v1/prescription/details/. The manipulation leads to improper authorization. The attack may be initiated...

PHPGurukul Bank Locker Management System 安全漏洞

Bank Locker Management System is a bank locker management system. Bank Locker Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the searchinput parameter of /search-locker-details.php. An attacker can exploi...

CVE-2025-0961

A vulnerability, which was classified as problematic, has been found in code-projects Job Recruitment 1.0. Affected by this issue is some unknown functionality of the file /parse/loadjob-details.php. The manipulation of the argument businessstreamname/companywebsiteurl leads to cross site...

CVE-2024-11677

A vulnerability was found in CodeAstro Hospital Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /backend/admin/hisadminaddvendor.php of the component Add Vendor Details Page. The manipulation of the argument...

PHPGurukul Medical Card Generation System SQL注入漏洞

PHPGurukul Medical Card Generation System is a medical card generation system from PHPGurukul Inc. A SQL injection vulnerability exists in version 1.0 of the PHPGurukul Medical Card Generation System, which stems from the parameter fromdate/todate in the file...

Zoo Management System SQL注入漏洞

Zoo Management System is a zoo management system by the individual developer Carlo Montero. It provides an online and automated platform for zoo organizations to manage their daily records. A SQL injection vulnerability exists in version 2.1 of the PHPGurukul Zoo Management System, which stems fr...