CVE-2026-7612 itsourcecode Courier Management System edit_user.php sql injection

A vulnerability was determined in itsourcecode Courier Management System 1.0. Affected is an unknown function of the file /edituser.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may ...

CVE-2025-14226

A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument fname leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and...

EUVD-2018-10267

Malware in sbrugna...

SourceCodester Student Grading System SQL注入漏洞

SourceCodester Student Grading System is a SourceCodester open source student grading system. A SQL injection vulnerability exists in SourceCodester Student Grading System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /edituser.php, which could lead to a SQL...

CVE-2025-8189 Campcodes Courier Management System edit_user.php sql injection

A vulnerability classified as critical was found in Campcodes Courier Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2025-7928 code-projects Church Donation System edit_user.php sql injection

A vulnerability was found in code-projects Church Donation System 1.0 and classified as critical. This issue affects some unknown processing of the file /members/edituser.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-6842 code-projects Product Inventory System edit_user.php sql injection

A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edituser.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2024-10994 Codezips Online Institute Management System edit_user.php unrestricted upload

A vulnerability has been found in Codezips Online Institute Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edituser.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched...

CVE-2024-10994 Codezips Online Institute Management System edit_user.php unrestricted upload

A vulnerability has been found in Codezips Online Institute Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edituser.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched...

CVE-2024-4804 Kashipara College Management System edit_user.php sql injection

A vulnerability was found in Kashipara College Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file edituser.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2023-46006

Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edituser.php...

CVE-2023-46006

Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edituser.php...

Sql injection

School Registration and Fee System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at/bilal final/edituser.php...

CVE-2023-27041

School Registration and Fee System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at/bilal final/edituser.php...

Sql injection

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edituser.php...

CVE-2020-23836

A Cross-Site Request Forgery CSRF vulnerability in edituser.php in OSWAPP Warehouse Inventory System aka OSWA-INV through 2020-08-10 allows remote attackers to change the admin's password after an authenticated admin visits a third-party site...

CVE-2020-23836

A Cross-Site Request Forgery CSRF vulnerability in edituser.php in OSWAPP Warehouse Inventory System aka OSWA-INV through 2020-08-10 allows remote attackers to change the admin's password after an authenticated admin visits a third-party site...

Design/Logic Flaw

Fiyo CMS 2.0.7 has XSS via the dapur\apps\appuser\edituser.php name parameter...

CVE-2018-18545

Fiyo CMS 2.0.7 has XSS via the dapur\apps\appuser\edituser.php name parameter...

CVE-2018-18545

The collected records confirm CVE-2018-18545 affects Fiyo CMS 2.0.7, with a Cross‑Site Scripting (XSS) vulnerability exposed via the name parameter in the file path dapur/apps/app_user/edit_user.php. The issue is documented as an XSS path in multiple sources (e.g., NVD and CNVD/CVE mirrors) and i...