CVE-2025-15211

A flaw has been found in code-projects Refugee Food Management System 1.0. Impacted is an unknown function of the file /home/refugee.php. Executing manipulation of the argument refNo/Fname/Lname/sex/age/contact/nationalitynid can lead to sql injection. The attack can be executed remotely. The...

CVE-2024-44630

Multiple parameters in register.php in PHPGurukul Student Record System 3.20 are vulnerable to SQL injection. These include: c-full, fname, mname,lname, gname, ocp, nation, mobno, email, board1, roll1, pyear1, board2, roll2, pyear2, sub1,marks1, sub2, course-short, income, category, ph, country,...

EUVD-2023-46029

Malicious code in bioql PyPI...

EUVD-2025-28861

Malicious code in bioql PyPI...

CVE-2025-28016

A Reflected Cross-Site Scripting XSS vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the fname, lname, and contact parameters...

CVE-2025-28016

A Reflected Cross-Site Scripting XSS vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the fname, lname, and contact parameters...

CVE-2025-9492

A vulnerability was determined in Campcodes Online Water Billing System 1.0. This affects an unknown function of the file /addclient1.php. Executing manipulation of the argument lname can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may b...

CVE-2025-9492

A vulnerability was determined in Campcodes Online Water Billing System 1.0. This affects an unknown function of the file /addclient1.php. Executing manipulation of the argument lname can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may b...

CVE-2025-9492 Campcodes Online Water Billing System addclient1.php sql injection

A vulnerability was determined in Campcodes Online Water Billing System 1.0. This affects an unknown function of the file /addclient1.php. Executing manipulation of the argument lname can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may b...

CVE-2025-9492

CVE-2025-9492 affects Campcodes Online Water Billing System 1.0, with a vulnerability in the file /addclient1.php. Manipulating the lname parameter can lead to SQL injection, and the issue is remotely exploitable with other parameters possibly affected. Public exploitation details exist (includin...

PT-2025-34817 · Unknown · Campcodes Online Water Billing System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Water Billing System version 1.0 Description: A vulnerability exists in Campcodes Online Water Billing System that allows for SQL injection. The issue affects an unknown function within the /addclient1.php file. Manipulation ...

CVE-2023-41529

Hospital Management System v4 was discovered to contain multiple cross-site scripting XSS vulnerabilities in func2.php via the fname and lname parameters...

CVE-2021-32103

A Stored XSS vulnerability in interface/usergroup/usergroupadmin.php in OpenEMR before 5.0.2.1 allows a admin authenticated user to inject arbitrary web script or HTML via the lname parameter...

Code-Projects Hostel Management System 代码注入漏洞

Code-Projects Hostel Management System is an open source hostel management system from Code-Projects. A code injection vulnerability exists in Code-Projects Hostel Management System version 1.0, which originates from a cross-site scripting vulnerability in the fname/mname/lname parameter of the...

itsourcecode Billing System SQL注入漏洞

itsourcecode Billing System is itsourcecode open source a system developed in PHP MySQL database using HTML, CSS, Bootstrap, JavaScript, Ajax, J Query and Modal. this PH billing system project contains an administrator side. This PH Billing System project includes an administrator side where the...

Online Student Enrollment System SQL注入漏洞

Online Student Enrollment System is an online student enrollment system by Lyndon Bermoy, an individual developer. A SQL injection vulnerability exists in Online Student Enrollment System version 1.0, which can be exploited by an attacker to view, add, modify, or delete information in the back-en...

Campcodes Online Marriage Registration System 跨站脚本漏洞

Online Marriage Registration System is a website builder that supports online marriage registration. A cross-site scripting vulnerability exists in version 1.0 of the Campcodes Online Marriage Registration System, which stems from a cross-site scripting vulnerability in the lname parameter of the...

PT-2024-22023 · Unknown · Campcodes Online Marriage Registration System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Marriage Registration System version 1.0 Description: A problematic issue has been found in the system, affecting the processing of the file /user/user-profile.php. The manipulation of the argument lname leads to cross-site...

CVE-2022-29005

Multiple cross-site scripting XSS vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters...

CVE-2021-32103

A Stored XSS vulnerability in interface/usergroup/usergroupadmin.php in OpenEMR before 5.0.2.1 allows a admin authenticated user to inject arbitrary web script or HTML via the lname parameter...