Exploit for SQL Injection in Salephpscripts Web_Directory_Free

SECTF2026 — "You Play the CTF. We Play Defense" Event: XP...

SQLmaster

SQ...

CVE-2025-14209

CVE-2025-14209 affects Campcodes School File Management System 1.0. A vulnerability in the file /update_query.php allows SQL injection through the parameter (stud_id/student_id depending on source). The issue enables remote exploitation and has publicly available exploits. Impact is described as ...

Exploit for Injection in Oracle Agile_Plm

Auto-WebLogicScanner An automated WebLogic vulnerability dete...

EUVD-2018-1136

Malware in sbrugna...

EUVD-2025-10030

Malicious code in bioql PyPI...

EUVD-2025-23269

Malicious code in bioql PyPI...

EUVD-2025-6627

Malicious code in bioql PyPI...

EUVD-2025-4415

Malicious code in bioql PyPI...

CVE-2025-54132 Cursor's Mermaid Diagram Tool is Vulnerable to an Arbitrary Image Fetch

Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid which is used to render diagrams allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker controlled serve...

Exploit for SQL Injection in Carmelo Food_Ordering_Review_System

CVE-2025-8018 Exploit – Food Ordering Review System v1.0 This...

CVE-2025-7410

Summary: CVE-2025-7410 affects LifeStyle Store 1.0 from Code-Projects. The issue is a vulnerability in the /cart_remove.php file where manipulating the ID argument enables SQL injection. The vulnerability is remote and the exploit has been disclosed publicly. Affected component: LifeStyle Store 1...

Exploit for SQL Injection in Anisha Car_Rental_System

CVE‑2025‑6907 SQLi Exploit Tool File: exploit.c Aut...

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 – Wing FTP Server RCE via Lua Injection Auth...

CVE-2025-6157

A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registered-user-testing.php. The manipulation of the argument testtype leads to sql injection. The attack may be...

PT-2025-25682 · Mojoomla · Mojoomla School Management

Name of the Vulnerable Software and Affected Versions: mojoomla School Management versions n/a through 92.0.0 Description: The issue is related to an SQL Injection vulnerability, specifically Improper Neutralization of Special Elements used in an SQL Command. This allows for Blind SQL Injection,...

Exploit for Code Injection in Ispconfig

---- CVE-2023-46818...

CVE-2025-5677

A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/ajax.php?action=saveapplication. The manipulation of the argument positionid leads to sql injection. The attack may be...

CVE-2025-48487

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, when creating a translation of a phrase that appears in a flash-message after a completed action, it is possible to inject a payload to exploit XSS vulnerability. This issue has been patched in version 1.8.180...

CVE-2025-48487 FreeScout Vulnerable to Stored XSS

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, when creating a translation of a phrase that appears in a flash-message after a completed action, it is possible to inject a payload to exploit XSS vulnerability. This issue has been patched in version 1.8.180...