CVE-2026-7114

A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilize...

EUVD-2026-19018

A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...

CVE-2018-25206 KomSeo Cart 1.3 SQL Injection via edit.php

KomSeo Cart 1.3 contains an SQL injection vulnerability that allows attackers to inject SQL commands through the 'myitemsearch' parameter in edit.php. Attackers can submit POST requests with malicious SQL payloads to extract sensitive database information using boolean-based blind or error-based...

PT-2026-23935

Name of the Vulnerable Software and Affected Versions itsourcecode Free Hotel Reservation System version 1.0 Description A security flaw exists in itsourcecode Free Hotel Reservation System version 1.0. The issue involves a SQL injection impacting an unknown function within the file...

CVE-2025-14227

A security flaw has been discovered in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d958. This issue affects some unknown processing of the file /edit.php. The manipulation results in sql injection. The attack may be performed from remote. The exploit has been released to...

CVE-2025-11109

A vulnerability was identified in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/usedit.php?action=edit. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is...

CVE-2025-11109 Campcodes Computer Sales and Inventory System us_edit.php sql injection

A vulnerability was identified in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/usedit.php?action=edit. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is...

CVE-2025-11109

CVE-2025-11109 affects Campcodes Computer Sales and Inventory System 1.0. The vulnerability is a SQL injection in the parameter ID of the file /pages/us_edit.php?action=edit, allowing remote exploitation. Public exploits exist. Several sources corroborate the flaw and its remote exploitability, w...

PT-2025-39777

Name of the Vulnerable Software and Affected Versions Campcodes Computer Sales and Inventory System version 1.0 Description A flaw exists in Campcodes Computer Sales and Inventory System version 1.0 that allows for remote SQL injection. The issue is located in the file /pages/us edit.php and...

CVE-2025-10831

A vulnerability has been found in Campcodes Computer Sales and Inventory System 1.0. Impacted is an unknown function of the file /pages/proedit1.php. The manipulation of the argument prodcode leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed...

CVE-2025-7842

The Silencesoft RSS Reader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.6. This is due to missing or incorrect nonce validation on the 'silrsseditpage' page. This makes it possible for unauthenticated attackers to delete RSS feeds via a...

CVE-2022-28586

XSS in edit page of Hoosk 1.8.0 allows attacker to execute javascript code in user browser via edit page with XSS payload bypass filter some special chars...

Pluck 跨站请求伪造漏洞

Pluck is a small and simple content management system CMS written in PHP. A cross-site request forgery vulnerability exists in Pluck version 4.7.10-dev2. An attacker can exploit this vulnerability to edit a page via /admin.php?action=editpage...

Sourcecodester baby-care-system-phpmysqli-full-source-code 跨站脚本漏洞

Sourcecodester baby-care-system-phpmysqli-full-source-code is a Sourcecodester open source application. Used to manage infant health care. A cross-site scripting vulnerability exists in baby-care-system-phpmysqli-full-source-code 1.0, which is affected by a cross-site scripting XSS vulnerability ...