Lucene search
K

28 matches found

NVD
NVD
added 2026/05/07 4:16 a.m.16 views

CVE-2026-41659

Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint membersassignmentdata.php includes hidden profile fields BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY in its SQL search condition regardless of field visibility settings. While the...

2.7CVSS0.00258EPSS
Exploits0References2
NVD
NVD
added 2026/01/12 10:16 p.m.12 views

CVE-2025-67146

Multiple SQL Injection vulnerabilities exist in AbhishekMali21 GYM-MANAGEMENT-SYSTEM 1.0 via the 'name' parameter in 1 membersearch.php, 2 trainersearch.php, and 3 gymsearch.php, and via the 'id' parameter in 4 paymentsearch.php. An unauthenticated remote attacker can exploit these issues to inje...

9.4CVSS0.00553EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/12 12:0 a.m.14 views

PT-2026-2301

Name of the Vulnerable Software and Affected Versions AbhishekMali21 GYM-MANAGEMENT-SYSTEM version 1.0 Description The application contains multiple SQL Injection flaws. These issues are present via the name parameter in the member search.php, trainer search.php, and gym search.php files, and via...

9.4CVSS7.7AI score0.00553EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/01/12 12:0 a.m.19 views

CVE-2025-67146

Multiple SQL Injection vulnerabilities exist in AbhishekMali21 GYM-MANAGEMENT-SYSTEM 1.0 via the 'name' parameter in 1 membersearch.php, 2 trainersearch.php, and 3 gymsearch.php, and via the 'id' parameter in 4 paymentsearch.php. An unauthenticated remote attacker can exploit these issues to inje...

0.00553EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/12 12:0 a.m.5 views

CVE-2025-67146

Multiple SQL Injection vulnerabilities exist in AbhishekMali21 GYM-MANAGEMENT-SYSTEM 1.0 via the 'name' parameter in 1 membersearch.php, 2 trainersearch.php, and 3 gymsearch.php, and via the 'id' parameter in 4 paymentsearch.php. An unauthenticated remote attacker can exploit these issues to inje...

8.1AI score0.00553EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/09 3:9 a.m.6 views

CVE-2025-14212

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...

9.8CVSS7.2AI score0.00326EPSS
Exploits1References1
NVD
NVD
added 2025/12/08 3:16 a.m.6 views

CVE-2025-14212

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...

9.8CVSS0.00326EPSS
Exploits1References4
OSV
OSV
added 2025/12/08 3:16 a.m.5 views

CVE-2025-14212

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...

9.8CVSS5.8AI score
Exploits0References4
EUVD
EUVD
added 2025/12/08 3:2 a.m.9 views

EUVD-2025-201657

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has been...

7.5CVSS6.5AI score0.00326EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/08 3:2 a.m.2 views

CVE-2025-14212 projectworlds Advanced Library Management System member_search.php sql injection

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...

7.5CVSS7.2AI score0.00326EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2025/12/08 3:2 a.m.6 views

CVE-2025-14212

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...

9.8CVSS5.4AI score0.00326EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/12/08 3:2 a.m.28 views

CVE-2025-14212 projectworlds Advanced Library Management System member_search.php sql injection

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...

7.5CVSS0.00326EPSS
Exploits1References4
CVE
CVE
added 2025/12/08 3:2 a.m.13 views

CVE-2025-14212

CVE-2025-14212 affects projectworlds Advanced Library Management System 1.0. Affected functionality is at /member_search.php where manipulating the roll_number parameter can trigger a SQL injection. Exploitation is possible remotely, and an exploit has been published. The issue is corroborated ac...

9.8CVSS7.2AI score0.00326EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.10 views

PT-2025-49503

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System that allows for SQL injection. This issue is related to an unknown functionality within the /member...

9.8CVSS7.5AI score0.00326EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.3 views

projectworlds Advanced Library Management System SQL注入漏洞

Projectworlds Advanced Library Management System is an advanced library management system from Projectworlds India. A SQL injection vulnerability exists in version 1.0 of projectworlds Advanced Library Management System, which stems from an incorrect manipulation of the parameter rollnumber in th...

9.8CVSS7.8AI score0.00326EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-20622

Malware in sbrugna...

5.4CVSS5.5AI score0.00556EPSS
Exploits1References2
NVD
NVD
added 2018/03/25 6:29 p.m.17 views

CVE-2018-9017

dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...

5.4CVSS5.3AI score0.00556EPSS
Exploits1References1
OSV
OSV
added 2018/03/25 6:29 p.m.2 views

CVE-2018-9017

dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...

5.4CVSS5.8AI score0.00556EPSS
Exploits1References1
Prion
Prion
added 2018/03/25 6:29 p.m.13 views

Code injection

dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...

3.5CVSS5.2AI score0.00556EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/03/25 6:29 p.m.2 views

CVE-2018-9017

dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...

5.4CVSS5.3AI score0.00556EPSS
Exploits1References2
Rows per page
Query Builder