itsourcecode Online Enrollment System SQL注入漏洞

itsourcecode Online Enrollment System is an open-source online registration system developed by itsourcecode. Version 1.0 of the itsourcecode Online Enrollment System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the USERID parameter in the...

EUVD-2026-16081

A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the file /myaccount/delete.php. Performing a manipulation of the argument cosid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public a...

itsourcecode Student Management System SQL注入漏洞

itsourcecode Student Management System is an open-source student management system developed by itsourcecode. Version 1.0 of the itsourcecode Student Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file...

Code-Projects Online Music Site SQL注入漏洞

Code-Projects Online Music Site is a Code-Projects open source online music site. Code-Projects Online Music Site version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter txtusername in the file /Administrator/PHP/AdminAddUser.php, which could...

CVE-2025-15208

A security flaw has been discovered in code-projects Refugee Food Management System 1.0. Affected by this issue is some unknown functionality of the file /home/editrefugee.php. The manipulation of the argument rfid results in sql injection. The attack can be launched remotely. The exploit has bee...

CVE-2023-53910

WBCE CMS 1.6.1 has a stored XSS vulnerability in the WYSIWYG editor: authenticated attackers can inject JavaScript by sending malicious content to /wbce/modules/wysiwyg/save.php (content parameter), which executes when pages are viewed. Root cause: improper input handling in page content. Impact:...

CVE-2018-25124

PacsOne Server 6.6.2 (and likely earlier) contains a directory traversal (local file inclusion) flaw in the web-based DICOM viewer. The vulnerability allows unauthenticated remote attackers to read arbitrary files via the nocache.php endpoint with a crafted path parameter. Exploitation evidence w...

CVE-2025-63622

A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/admin/subcategory.php. This manipulation of the argument category causes SQL injection...

EUVD-2025-36157

SQL injection vulnerability in the DRED virtual campus platform. This vulnerability allows an attacker to retrieve, create, update, and delete data from the database by sending a POST request using the ‘buscame’ parameter in ‘/catalogoc/catalogo.php’...

CVE-2025-11736

A flaw has been found in itsourcecode Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /index.php. This manipulation of the argument Username causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may...

CVE-2025-11284

A vulnerability has been found in Zytec Dalian Zhuoyun Technology Central Authentication Service 3. Affected by this vulnerability is an unknown functionality of the file /index.php/auth/Ops/git of the component HTTP Header Handler. The manipulation of the argument Authorization leads to use of...

EUVD-2023-3109

Malicious code in bioql PyPI...

EUVD-2025-28220

Malicious code in bioql PyPI...

CVE-2025-10797

A vulnerability was determined in code-projects Hostel Management System 1.0. This issue affects some unknown processing of the file /justines/index.php. This manipulation of the argument logemail causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed...

CVE-2025-10427

A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/operation/user.php. Executing manipulation of the argument websiteimage can lead to unrestricted upload. It is possible to launch the attack remotely. The...

CVE-2025-56407

A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This vulnerability affects the function RunSql of the file app/modules/ut-data/admin/mysql.php. The manipulation of the argument sql leads to sql injection. The attack can be initiated remotely. The exploit has been...

PT-2025-36334

Name of the Vulnerable Software and Affected Versions: itsourcecode POS Point of Sale System version 1.0 Description: A cross site scripting issue exists due to the manipulation of the scripts argument. This can be initiated remotely and affects some unknown functionality of the file...

CVE-2025-8983

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expensefor leads to sql injection. The attack may be initiated remotely. The exploit...

itsourcecode Online Tour and Travel Management System 注入漏洞

itsourcecode Online Tour and Travel Management System is itsourcecode open source an online tour and travel management system. An injection vulnerability exists in version 1.0 of itsourcecode Online Tour and Travel Management System, which originates from a SQL injection due to incorrect...

CVE-2025-7838

A vulnerability has been found in Campcodes Online Movie Theater Seat Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manageseat.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The...