CVE-2025-9595

The CVE-2025-9595 entry concerns code-projects Student Information Management System v1.0. The vulnerability is a cross-site scripting flaw in an unknown function of /login.php triggered by manipulation of the uname argument. It is exploitable remotely and an exploit has been publicly released. T...

CVE-2025-8443

CVE-2025-8443 affects code-projects Online Medicine Guide 1.0. The vulnerability is a SQL injection in login.php via the uname parameter, exploitable remotely; multiple sources describe public disclosure and potential impact. A practical mitigation noted in PT Security documentation is to restric...

CVE-2025-27724

A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php file can lead to elevated capabilities. An attacker can upload a malicious file to trigger this vulnerability...

PT-2025-31102 · Unknown · Meddream Pacs Premium

Name of the Vulnerable Software and Affected Versions: MedDream PACS Premium version 7.3.3.840 Description: A privilege escalation issue exists in the login.php functionality. An attacker can upload a malicious .php file to gain elevated access. Recommendations: At the moment, there is no...

CVE-2025-7950

CVE-2025-7950 affects code-projects Public Chat Room 1.0. The vulnerability exists in the login.php file where manipulating the Username parameter leads to SQL injection. The issue can be exploited remotely and the exploit has been publicly disclosed, indicating potential for unauthorized access ...

CVE-2025-7950 code-projects Public Chat Room login.php sql injection

A vulnerability was found in code-projects Public Chat Room 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-7925 PHPGurukul Online Banquet Booking System login.php cross site scripting

A vulnerability, which was classified as problematic, has been found in PHPGurukul Online Banquet Booking System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. The manipulation of the argument userlogin/userpassword leads to cross site scripting. The attac...

CVE-2025-7829 code-projects Church Donation System login.php sql injection

A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The...

PT-2025-30139 · Unknown · Church Donation System

Name of the Vulnerable Software and Affected Versions: Church Donation System version 1.0 Description: A vulnerability exists in Church Donation System 1.0. The issue is a SQL injection affecting an unknown functionality of the file /login.php. Manipulation of the Username argument can lead to...

CVE-2025-7612 code-projects Mobile Shop login.php sql injection

A vulnerability was found in code-projects Mobile Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2025-7612

The CVE-2025-7612 entry describes a SQL injection in code-projects Mobile Shop 1.0 via the email parameter in /login.php. Multiple connected records confirm remote exploitation potential and that the exploit has been publicly disclosed. Impact is described as potentially enabling data theft or ma...

CVE-2025-7604

A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user-login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely...

CVE-2025-7604 PHPGurukul Hospital Management System user-login.php sql injection

A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user-login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely...

CVE-2025-7604

CVE-2025-7604 affects PHPGurukul Hospital Management System 4.0. A SQL injection vulnerability exists in the /user-login.php file where the Username parameter is not validated, allowing remote exploitation. The exploit has been publicly disclosed. Remediation suggestions from PT-2025-29462 includ...

CVE-2025-7180 code-projects Staff Audit System login.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument User leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-7180 code-projects Staff Audit System login.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument User leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-7178 code-projects Food Distributor Site login.php sql injection

A vulnerability classified as critical has been found in code-projects Food Distributor Site 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-7157

A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-7157 code-projects Online Note Sharing login.php sql injection

A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-7157 code-projects Online Note Sharing login.php sql injection

A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...