CVE-2026-37602

SourceCodester Patient Appointment Scheduler System v1.0 is affected by a SQL Injection in /scheduler/admin/user/manage_user.php. The CVE reports a low-severity issue (CVSS v3.1: 2.7, LOW) with NETWORK attack vector, HIGH privileges required, and no user interaction. Impact is limited to confiden...

CVE-2026-5237

Affected software: itsourcecode Payroll Management System 1.0. The vulnerability resides in the Parameter Handler, specifically affecting the /manage_user.php file. A crafted manipulation of the ID parameter enables an SQL injection, with remote exploitation possible. Public exploit exists, indic...

CVE-2023-2218

A vulnerability has been found in SourceCodester Task Reminder System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/user/manageuser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2023-1791

A vulnerability has been found in SourceCodester Simple Task Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file manageuser.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. Th...

CVE-2022-40049

SQL injection vulnerability in sourcecodester Theme Park Ticketing System 1.0 allows remote attackers to view sensitive information via the id parameter to the /tpts/manageuser.php page...

Theme Park Ticketing System SQL注入漏洞

Theme Park Ticketing System is a theme park ticketing system by the individual developer Carlo Montero. A SQL injection vulnerability exists in Theme Park Ticketing System version 1.0 that could allow a remote attacker to view sensitive information via the id parameter on the /tpts/manageuser.php...