Hostel Management System mod_users/index.php File SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /justines/admin/modusers/index.php. An attacker can exploit this...

CVE-2025-11040

A vulnerability was detected in code-projects Hostel Management System 1.0. Affected by this issue is some unknown functionality of the file /justines/admin/modusers/index.php?view=view. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit...

CVE-2025-11040

A vulnerability was detected in code-projects Hostel Management System 1.0. Affected by this issue is some unknown functionality of the file /justines/admin/modusers/index.php?view=view. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit...

CVE-2025-11040 code-projects Hostel Management System index.php sql injection

A vulnerability was detected in code-projects Hostel Management System 1.0. Affected by this issue is some unknown functionality of the file /justines/admin/modusers/index.php?view=view. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit...

PT-2024-25596 · Paypal · Paypal

Name of the Vulnerable Software and Affected Versions: PayPal, Credit Card and Debit Card Payment version 1.0 Description: The issue allows an attacker to exploit a SQL injection vulnerability by sending a specially crafted query to the server, potentially retrieving all stored information throug...

CVE-2024-3354

A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file admin/modusers/index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack...

CVE-2022-30528

SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/modusers/controller.php...

PT-2022-20159 · Unknown · Asith-Eranga Isic Tour Booking

Name of the Vulnerable Software and Affected Versions: asith-eranga ISIC tour booking versions prior to the version published after Feb 13th 2018 Description: The issue allows attackers to execute arbitrary commands via the username parameter to "/system/user/modules/mod users/controller.php". Th...

CVE-2018-18802

The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/modusers/controller.php?action=edit...