54 matches found
EUVD-2020-21658
Malware in sbrugna...
EUVD-2024-28899
Malicious code in bioql PyPI...
EUVD-2025-20282
Malicious code in bioql PyPI...
CVE-2025-45065
employee record management system in php and mysql v1 was discovered to contain a SQL injection vulnerability via the loginerms.php endpoint...
PT-2025-28184 · Unknown · Employee Record Management System
Name of the Vulnerable Software and Affected Versions: Employee Record Management System in PHP and MySQL version 1 Description: A SQL injection issue was found in the system via the "loginerms.php" endpoint. This allows for potential exploitation by injecting malicious SQL code. Recommendations:...
PT-2025-26833 · Unknown · Student Record System Using Php/Mysql
Name of the Vulnerable Software and Affected Versions: Student Record system Using PHP and MySQL version 3.20 Description: The issue allows a remote attacker to obtain sensitive information via a crafted payload to the cshortname, cfullname, and cdate variables. This is a SQL Injection...
CVE-2024-27685
SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote attacker to obtain sensitive information via a crafted payload to the $cshortname, $cfullname, and $cdate variables...
Dairy Farm Shop Management System /profile.php File SQL Injection Vulnerability
Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter mobilenumber in the file...
Detecting and Mitigating SQL Injection Vulnerabilities in Web Applications
SQL injection (SQLi) remains a critical vulnerability in web applications, enabling attackers to manipulate databases through malicious inputs. Despite advancements in mitigation techniques, the evolving complexity of web applications and attack strategies continues to pose significant risks. This...
CVE-2024-24945
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Share Your Moments parameter at /travel-journal/write-journal.php...
CVE-2024-51101
PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /rtbs/check-status.php...
Beauty Parlour And Saloon Management System 1.1 Insecure Cookie Handling
Title : Beauty Parlour & Saloon Management System 1.1 Insecure Cookie Handling Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser :...
Online Marriage Registration System 1.0 Shell Upload
Title : Online Marriage Registration System 1.0 php code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser :...
CVE-2024-24041
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php...
Emlog Pro Cross-Site Scripting Vulnerability
emlog is a PHP and MySQL based CMS builder. Emlog Pro v2.1.14 contains a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the component /admin/article.php?activesavedraft, which can be exploited by an attacker...
WordPress David Anderson Testimonial Slider Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WUZHI CMS SQL Injection Vulnerability (CNVD-2022-36985)
WUZHI CMS is a PHP and MySQL based open source content management system (CMS) from Wuzhi. WUZHI CMS version 4.1.0 is vulnerable to SQL injection, which originates from the grouppid parameter of /coreframe/app/member/admin/group.php. The parameter lacks validation for external input SQL statements...
WordPress WooCommerce plugin SQL Injection Vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. SQL injection vulnerability exists in versions of...