CVE-2026-48248 Open ISES Tickets < 3.44.2 Disabled TLS Certificate Verification in incs/login.inc.php

Open ISES Tickets before 3.44.2 disables TLS certificate verification in incs/login.inc.php by setting CURLOPTSSLVERIFYPEER to false and not setting CURLOPTSSLVERIFYHOST when issuing outbound HTTPS requests issued during the login/authentication flow. An attacker positioned on the network path...

CVE-2026-5646

A security vulnerability has been detected in code-projects Easy Blog Site 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclos...

EUVD-2026-10215

A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. The impacted element is an unknown function of the file /login.php. Performing a manipulation of the argument Username results in sql injection. The attack may be initiated remotely. The exploit has been...

PT-2026-23952

Name of the Vulnerable Software and Affected Versions SourceCodester Simple Responsive Tourism Website version 1.0 Description A SQL injection issue exists in the Login component of the software, specifically within the /tourism/classes/Login.php?f=login file. The Username argument is susceptible...

CVE-2026-2173

A vulnerability was identified in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely...

EUVD-2026-5777

A vulnerability was identified in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely...

PT-2025-53756

Name of the Vulnerable Software and Affected Versions code-projects Assessment Management version 1.0 Description A flaw exists in code-projects Assessment Management 1.0, specifically within the file login.php. Manipulation of the userid argument can lead to SQL injection. This issue is remotely...

EUVD-2025-203090

A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/SProfile/login1.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed fro...

CVE-2025-60736

code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the upass parameter...

CVE-2025-13201

A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /login.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...

CVE-2025-11424 code-projects Web-Based Inventory and POS System login.php sql injection

A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. This impacts an unknown function of the file /login.php. Executing manipulation of the argument emailid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclos...

EUVD-2008-5395

Malware in sbrugna...

EUVD-2025-24964

Malicious code in bioql PyPI...

Code-Projects Hostel Management System 安全漏洞

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter email in the file /justines/admin/login.php. An attacker can use this...

Web-Based Internet Laboratory Management System login.php File SQL Injection Vulnerability

Web-Based Internet Laboratory Management System is a web laboratory software. A SQL injection vulnerability exists in Web-Based Internet Laboratory Management System, which originates from the lack of validation of externally entered SQL statements in the parameter useremail in the file login.php...

CVE-2025-10624 PHPGurukul User Management System login.php sql injection

A security flaw has been discovered in PHPGurukul User Management System 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument emailid results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and ma...

Sports Management System /login.php File SQL Injection Vulnerability

Sports Management System a sports management system. The Sports Management System suffers from a SQL injection vulnerability that originates in the /login.php file that does not securely filter the User parameter. An attacker can exploit this vulnerability by constructing malicious SQL statements...

Code-Projects Human Resource Integrated System 安全漏洞

Human Resource Integrated System is a human resource management system. Human Resource Integrated System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter empid in the file /logintimeee.php. An attacker can...

CVE-2025-9691

A vulnerability has been found in Campcodes Online Shopping System 1.0. This impacts an unknown function of the file /login.php. Such manipulation of the argument Password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

Code-Projects Church Donation System 注入漏洞

The Church Donation System is a system of church giving. The Church Donation System suffers from a SQL injection vulnerability that stems from the lack of validation of an externally entered SQL statement in the parameter Username in the file /login.php. An attacker can exploit this vulnerability...