PT-2026-45402

A vulnerability was detected in itsourcecode Online House Rental System 1.0. This impacts an unknown function of the file /manage payment.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

EUVD-2024-16666

Malicious code in bioql PyPI...

EUVD-2021-30543

Malicious code in bioql PyPI...

CVE-2025-52327

SQL Injection vulnerability in Restaurant Order System 1.0 allows a local attacker to obtain sensitive information via the payment.php file...

CVE-2025-6123

A vulnerability has been found in code-projects Restaurant Order System 1.0 and classified as critical. This vulnerability affects unknown code of the file /payment.php. The manipulation of the argument tabidNoti leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-6123 code-projects Restaurant Order System payment.php sql injection

A vulnerability has been found in code-projects Restaurant Order System 1.0 and classified as critical. This vulnerability affects unknown code of the file /payment.php. The manipulation of the argument tabidNoti leads to sql injection. The attack can be initiated remotely. The exploit has been...

PT-2025-25553 · Unknown · Code-Projects Restaurant Order System

Name of the Vulnerable Software and Affected Versions: code-projects Restaurant Order System version 1.0 Description: A critical vulnerability has been found in the code-projects Restaurant Order System, affecting the /payment.php file. The manipulation of the tabidNoti argument leads to SQL...

CampCodes Sales and Inventory System SQL Injection Vulnerability

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. CampCodes Sales and Inventory System suffers from a SQL injection vulnerability that stems from the improper handling of the cid parameter in the file /pages/payment.php, no details of the vulnerability are...

Arbitrary File Upload

Overview shopxo/shopxo is an e-commerce system. Affected versions of this package are vulnerable to Arbitrary File Upload via the params argument to the upload function in Payment.php. Remediation There is no fixed version for shopxo/shopxo. References - Vulnerable Code...

CVE-2024-0884

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function exec of the file payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2021-43631

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...

CVE-2006-3957

PHP remote file inclusion vulnerability in payment.php in BosDev BosDates allows remote attackers to execute arbitrary PHP code via a URL in the insPath parameter...

PT-2025-21868 · Unknown · Campcodes Sales/Inventory System

Name of the Vulnerable Software and Affected Versions: Campcodes Sales and Inventory System version 1.0 Description: A critical issue has been found in the system, affecting an unknown function of the file /pages/payment.php. The manipulation of the cid argument leads to SQL injection. This issue...

CVE-2024-0884

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function exec of the file payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has...

Sql injection

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function exec of the file payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2024-0884

CVE-2024-0884 affects SourceCodester Online Tours & Travels Management System v1.0. The vulnerability lies in the function exec in the file payment.php, where the argument id manipulation leads to SQL injection. Exploitation can be remote, and public disclosure of the exploit is noted. Connected ...

CVE-2024-0884 SourceCodester Online Tours & Travels Management System payment.php exec sql injection

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function exec of the file payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2017-20075 Hindu Matrimonial Script payment.php privileges management

A vulnerability was found in Hindu Matrimonial Script. It has been classified as critical. This affects an unknown part of the file /admin/payment.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

Hindu Matrimonial Script 安全漏洞

A security vulnerability exists in Hindu Matrimonial Script, an online matrimonial service website of PHP Matrimonial Script India, which stems from improper privilege management in /admin/payment.php. No details of the vulnerability are currently available...

CVE-2021-43631

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...