PT-2025-18199 · Vmsman · Vmsman

Name of the Vulnerable Software and Affected Versions: VMSMan up to 20250416 Description: A problem was found in the software. It affects some unknown functionality of the file /login.php. The issue can be exploited by manipulating the Email argument with the input "alert1, leading to cross-site...

CVE-2025-3556 ScriptAndTools eCommerce-website-in-PHP login.php excessive authentication

A vulnerability classified as problematic was found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be...

CVE-2025-3556

CVE-2025-3556 affects ScriptAndTools eCommerce-website-in-PHP 3.0. The vulnerability resides in an unknown functionality of /admin/login.php, where improper restriction of excessive authentication attempts can be exploited remotely. Documents consistently describe high attack complexity and high ...

CVE-2025-3187

A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument logindetail leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-3187

A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument logindetail leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-2656

A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/login.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

CVE-2025-2656 PHPGurukul Zoo Management System login.php sql injection

A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/login.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

CVE-2025-2385

A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument userEmail/userPassword leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-1954 PHPGurukul Human Metapneumovirus Testing Management System login.php sql injection

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument username leads to sql injection. The attack can be...

CVE-2025-1859 PHPGurukul News Portal login.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file /login.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to t...

CVE-2025-1859 PHPGurukul News Portal login.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file /login.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to t...

CVE-2025-1842

A vulnerability classified as problematic was found in FITSTATS Technologies AthleteMonitoring up to 20250302. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit...

CVE-2025-1842 FITSTATS Technologies AthleteMonitoring login.php cross site scripting

A vulnerability classified as problematic was found in FITSTATS Technologies AthleteMonitoring up to 20250302. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit...

CVE-2025-1842

CVE-2025-1842 affects FITSTATS Technologies AthleteMonitoring (up to version 20250302). The vulnerability is a cross-site scripting flaw in the /login.php login flow caused by manipulation of the username parameter in user input. It is exploitable remotely, and publicly disclosed exploits exist. ...

CVE-2022-3583

A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument business leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2024-12964

A vulnerability was found in 1000 Projects Daily College Class Work Report Book 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The exploit h...

CVE-2024-10509

A vulnerability, which was classified as critical, has been found in Codezips Online Institute Management System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit...

CVE-2024-8569

A vulnerability has been found in code-projects Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file user-login.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely...

CVE-2025-0486 Fanli2012 native-php-cms login.php sql injection

A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /fladmin/login.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploi...

CVE-2025-0207

CVE-2025-0207 : In code-projects Online Shoe Store 1.0, the vulnerability is a SQL injection in the file /function/login.php triggered by manipulating the password parameter. The issue is remote-exploitable and has publicly disclosed exploits. Multiple sources (NVD, CVE listings, CNVD, Red Hat ad...