28 matches found
CVE-2026-41659
Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint membersassignmentdata.php includes hidden profile fields BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY in its SQL search condition regardless of field visibility settings. While the...
CVE-2025-67146
Multiple SQL Injection vulnerabilities exist in AbhishekMali21 GYM-MANAGEMENT-SYSTEM 1.0 via the 'name' parameter in 1 membersearch.php, 2 trainersearch.php, and 3 gymsearch.php, and via the 'id' parameter in 4 paymentsearch.php. An unauthenticated remote attacker can exploit these issues to inje...
PT-2026-2301
Name of the Vulnerable Software and Affected Versions AbhishekMali21 GYM-MANAGEMENT-SYSTEM version 1.0 Description The application contains multiple SQL Injection flaws. These issues are present via the name parameter in the member search.php, trainer search.php, and gym search.php files, and via...
CVE-2025-67146
Multiple SQL Injection vulnerabilities exist in AbhishekMali21 GYM-MANAGEMENT-SYSTEM 1.0 via the 'name' parameter in 1 membersearch.php, 2 trainersearch.php, and 3 gymsearch.php, and via the 'id' parameter in 4 paymentsearch.php. An unauthenticated remote attacker can exploit these issues to inje...
CVE-2025-67146
Multiple SQL Injection vulnerabilities exist in AbhishekMali21 GYM-MANAGEMENT-SYSTEM 1.0 via the 'name' parameter in 1 membersearch.php, 2 trainersearch.php, and 3 gymsearch.php, and via the 'id' parameter in 4 paymentsearch.php. An unauthenticated remote attacker can exploit these issues to inje...
CVE-2025-14212
A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...
CVE-2025-14212
A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...
CVE-2025-14212
A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...
EUVD-2025-201657
A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2025-14212 projectworlds Advanced Library Management System member_search.php sql injection
A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...
CVE-2025-14212
A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...
CVE-2025-14212 projectworlds Advanced Library Management System member_search.php sql injection
A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /membersearch.php. Executing a manipulation of the argument rollnumber can lead to sql injection. The attack may be launched remotely. The exploit has be...
CVE-2025-14212
CVE-2025-14212 affects projectworlds Advanced Library Management System 1.0. Affected functionality is at /member_search.php where manipulating the roll_number parameter can trigger a SQL injection. Exploitation is possible remotely, and an exploit has been published. The issue is corroborated ac...
PT-2025-49503
Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System that allows for SQL injection. This issue is related to an unknown functionality within the /member...
projectworlds Advanced Library Management System SQL注入漏洞
Projectworlds Advanced Library Management System is an advanced library management system from Projectworlds India. A SQL injection vulnerability exists in version 1.0 of projectworlds Advanced Library Management System, which stems from an incorrect manipulation of the parameter rollnumber in th...
EUVD-2018-20622
Malware in sbrugna...
CVE-2018-9017
dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...
CVE-2018-9017
dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...
Code injection
dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...
CVE-2018-9017
dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...