151 matches found
CVE-2024-46335
PHPGurukul Complaint Management System 2.0 is vulnerable to Cross-Site Scripting (XSS) in the between-date-userreport.php script, via the fromdate and todate parameters. The root cause, as described across multiple reports, is lack of proper filtering/escaping of user-supplied data, enabling inje...
Beauty Parlour Management System sales-reports-detail.php File SQL Injection Vulnerability
Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the parameters fromdate and todate in the file /admin/sales-reports-detail.php for externally entered SQL statement...
PT-2025-40960
Name of the Vulnerable Software and Affected Versions Campcodes Online Apartment Visitor Management System version 1.0 Description A security flaw exists in Campcodes Online Apartment Visitor Management System version 1.0. The issue involves a SQL injection impacting an unknown function within th...
EUVD-2025-30758
Malicious code in bioql PyPI...
EUVD-2025-30808
Malicious code in bioql PyPI...
EUVD-2025-24952
Malicious code in bioql PyPI...
EUVD-2025-28899
Malicious code in bioql PyPI...
CVE-2025-10826
A security flaw has been discovered in Campcodes Online Beauty Parlor Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/sales-reports-detail.php. The manipulation of the argument fromdate/todate results in sql injection. The attack can be launche...
Park Ticketing Management System foreigner-bwdates-reports-details.php file SQL injection vulnerability
Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that stems from a lack of validation of the fromdate parameter in the file foreigner-bwdates-reports-details.php against an externally entered SQL...
Park Ticketing Management System normal-bwdates-reports-details.php file SQL injection vulnerability
Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter fromdate in the file normal-bwdates-reports-details.php. A...
CVE-2025-56074
A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
CVE-2025-56075
A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
CVE-2025-10826
A security flaw has been discovered in Campcodes Online Beauty Parlor Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/sales-reports-detail.php. The manipulation of the argument fromdate/todate results in sql injection. The attack can be launche...
CVE-2025-56075
A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
CVE-2025-56075
A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
CVE-2025-56074
A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
CVE-2025-56074
A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
CVE-2025-56074
The CVE-2025-56074 entry concerns PHPGurukul Park Ticketing Management System v2.0. The vulnerability is a SQL Injection in the file foreigner-bwdates-reports-details.php, exploitable via the fromdate parameter in a POST request. The underlying issue is lack of input validation that allows an att...
CVE-2025-56074
A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the fromdate parameter in a POST request...
Campcodes Online Beauty Parlor Management System SQL注入漏洞
CampCodes Online Beauty Parlor Management System is an online beauty parlor management system from CampCodes Philippines, Inc. Campcodes Online Beauty Parlor Management System version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter...