Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2025/11/02 12:0 a.m.6 views

PT-2025-44738

Name of the Vulnerable Software and Affected Versions itsourcecode Online Loan Management System version 1.0 Description A flaw exists in itsourcecode Online Loan Management System that allows for SQL injection. This issue affects an unspecified part of the /load fields.php file. The loan id...

9.8CVSS6.8AI score0.00374EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/11/02 12:0 a.m.3 views

itsourcecode Online Loan Management System SQL注入漏洞

itsourcecode Online Loan Management System is an online loan management system from itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Loan Management System, which stems from an incorrect manipulation of the parameter loanid in the file...

9.8CVSS7.7AI score0.00374EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/08/30 6:19 p.m.5 views

CVE-2025-9502

A weakness has been identified in Campcodes Online Loan Management System 1.0. This impacts an unknown function of the file /ajax.php?action=savepayment. Executing manipulation of the argument loanid can lead to sql injection. The attack may be launched remotely. The exploit has been made availab...

9.8CVSS7.4AI score0.00387EPSS
Exploits1References1
NVD
NVD
added 2025/08/27 3:15 a.m.6 views

CVE-2025-9502

A weakness has been identified in Campcodes Online Loan Management System 1.0. This impacts an unknown function of the file /ajax.php?action=savepayment. Executing manipulation of the argument loanid can lead to sql injection. The attack may be launched remotely. The exploit has been made availab...

9.8CVSS0.00387EPSS
Exploits1References5
CVE
CVE
added 2025/08/27 2:32 a.m.24 views

CVE-2025-9502

CVE-2025-9502 affects Campcodes Online Loan Management System v1.0. The vulnerability is an SQL injection in the function/file /ajax.php?action=save_payment (and variations like /ajax.php?action=save payment) caused by manipulation of the loan_id parameter. Attacks can be launched remotely and, p...

9.8CVSS7.5AI score0.00387EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/08/27 2:32 a.m.12 views

CVE-2025-9502 Campcodes Online Loan Management System ajax.php sql injection

A weakness has been identified in Campcodes Online Loan Management System 1.0. This impacts an unknown function of the file /ajax.php?action=savepayment. Executing manipulation of the argument loanid can lead to sql injection. The attack may be launched remotely. The exploit has been made availab...

7.5CVSS0.00387EPSS
Exploits1References5
Rows per page
Query Builder