CVE-2026-11342

A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and...

CVE-2026-37600

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/viewdetails.php...

PT-2026-32640

CVE-2026-37600 SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/view details.php. https://t.co/uQ5V37C8xd...

PT-2026-32355

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/view details.php...

CVE-2026-5837 PHPGurukul News Portal Project news-details.php sql injection

A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2019-25676 Ask Expert Script 3.0.5 Cross Site Scripting SQL Injection

Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inject script tags through the cateid parameter in categorysearch.php or SQL code through the view...

CVE-2025-65125

CVE-2025-65125 affects gosaliajainam/online-movie-booking version 5.5, where a SQL injection in movie_details.php can disclose sensitive information. The vulnerability is labeled as high-severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; base score 9.8). Exploitation is network-based with n...

CVE-2025-65125

SQL injection in gosaliajainam/online-movie-booking 5.5 in moviedetails.php allows attackers to gain sensitive information...

CVE-2025-15074

A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. This vulnerability affects unknown code of the file /customerdetails.php. Such manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be...

EUVD-2025-37011

Cross-site scripting XSS vulnerability in blog-details.php in Hiruna Gallage's Glamour Salon Management System v1 allows remote attackers to inject arbitrary web script or HTML via the blog comment section parameter...

EUVD-2025-28723

Malicious code in bioql PyPI...

CVE-2025-11038

A weakness has been identified in itsourcecode Online Clinic Management System 1.0. Affected is an unknown function of the file /details.php?action=post. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been made available t...

CVE-2025-40692

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'requestid' parameter in the endpoint '/ofrs/details.php'...

CVE-2025-8987

A vulnerability was identified in SourceCodester COVID 19 Testing Management System 1.0. This affects an unknown part of the file /test-details.php. The manipulation of the argument remark leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVE-2025-5615

A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /details.php. The manipulation of the argument requestid leads to sql injection. The attack can be launched remotely...

CVE-2025-5358 PHPGurukul/Campcodes Cyber Cafe Management System bwdates-reports-details.php sql injection

A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may...

CVE-2024-7224

A vulnerability was found in SourceCodester Lot Reservation Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /lotdetails.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...

CVE-2023-2209

A vulnerability, which was classified as critical, was found in Campcodes Coffee Shop POS System 1.0. Affected is an unknown function of the file /admin/sales/viewdetails.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2024-13204

A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /blog-details.php. The manipulation of the argument blogid leads to sql injection. The attack can be launched remotely. The...

PHPGurukul Online Course Registration System SQL注入漏洞

Online Course Registration System is an online course registration system by the individual developer ANUJ KUMAR. A SQL injection vulnerability exists in PHPGurukul Online Course Registration System version 3.1, which stems from the parameter nid in the file news-details.php that can lead to SQL...