CVE-2026-11530 imvks786 student_management_system Login index.ph sql injection

A vulnerability was identified in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This affects an unknown function of the file /index.ph of the component Login. Such manipulation of the argument usr/pwd leads to sql injection. The attack can be executed remotely...

PT-2026-47334

A vulnerability was identified in imvks786 student management system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This affects an unknown function of the file /index.ph of the component Login. Such manipulation of the argument usr/pwd leads to sql injection. The attack can be executed remotely...

CVE-2026-2221

A security flaw has been discovered in code-projects Online Reviewer System 1.0. Affected is an unknown function of the file /login/index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The...

CVE-2026-2166

A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack is possible to be carried...

Code-Projects Online Reviewer System SQL注入漏洞

The Code-Projects Online Reviewer System is an online review system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Online Reviewer System has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter “Username” in the file...

CVE-2026-2166

Summary: CVE-2026-2166 affects code-projects Online Reviewer System 1.0, specifically the Login component’s file /login/index.php. The vulnerability arises from manipulation of the username/password arguments, leading to an SQL injection. It can be exploited remotely and the exploit has been publ...

CVE-2025-14536 code-projects Class and Exam Timetable Management Login index.php sql injection

A security flaw has been discovered in code-projects Class and Exam Timetable Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login. The manipulation of the argument username/password results in sql injection. The attack may be...

CVE-2024-2009

A vulnerability was found in Nway Pro 9. It has been rated as problematic. Affected by this issue is the function ajaxloginsubmitform of the file login\index.php of the component Argument Handler. The manipulation of the argument rsargs leads to information exposure through error message. The...

The vulnerability of the login/index.php implementation of the application for managing servers with CentOS Web Panel allows a hacker to execute arbitrary commands.

The vulnerability of the login/index.php implementation of the server management application for CentOS Web Panel is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute...

CentOS Web Panel 操作系统命令注入漏洞

CentOS Web Panel CWP is a free web hosting control panel from the Control Web Panel community. A security vulnerability exists in versions prior to Centos Web Panel 7 v0.9.8.1147, which stems from a problem with the /login/index.php component that allows an unauthenticated attacker to execute...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the xn function in RockMongo 1.1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 db parameter on the login page or 2 username parameter in a login.index action to index.php and other unspecified parameters...