26 matches found

RedhatCVE
added 2026/06/05 7:41 p.m. | 7 views

CVE-2025-14179

A flaw was found in PHP. The PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat, which stops at the NUL byte, dropping the closing quote and causing subsequent SQL tokens...

9.8 CVSS | 5.5 AI score | 0.00261 EPSS
Exploits: 0 | References: 4

CVE
added 2026/04/27 12:00 a.m. | 6 views

CVE-2021-36438

The CVE-2021-36438 entry concerns a SQL injection in the Sourcecodester Online Job Portal phppdo 1.0, exploitable via the category parameter in /jobportal/index.php. Affected component: the phppdo 1.0 web app; root cause is unvalidated input in category leading to SQL injection. Impact is describ...

6.5 CVSS | 5.8 AI score | 0.00215 EPSS
Exploits: 0 | References: 2

OSV
added 2025/12/27 8:15 p.m. | 4 views

AZL-73201 CVE-2025-14180 affecting package php for versions less than 8.3.29-1

In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2 CVSS | 5.8 AI score | 0.00573 EPSS
Exploits: 2 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2020-21660

Malware in sbrugna...

9.8 CVSS | 9.2 AI score | 0.01318 EPSS
Exploits: 1 | References: 3

EUVD
added 2025/10/03 8:07 p.m. | 4 views

EUVD-2025-3948

Malicious code in bioql PyPI...

4.4 CVSS | 6.5 AI score | 0.00121 EPSS
Exploits: 0 | References: 1

GithubExploit
added 2025/07/26 10:06 a.m. | 376 views

Exploit for CVE-2025-32429

CVE-2025-32429 – SQL Injection in PHP PDO Prepared Statements...

9.3 CVSS | 8.6 AI score | 0.84575 EPSS
Exploits: 6

RedhatCVE
added 2025/05/23 12:00 p.m. | 5 views

CVE-2025-24792

Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...

4.4 CVSS | 6.9 AI score | 0.00121 EPSS
Exploits: 0 | References: 1

NVD
added 2025/01/29 4:15 p.m. | 12 views

CVE-2025-24792

Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...

4.4 CVSS | 0.00121 EPSS
Exploits: 0 | References: 1

Cvelist
added 2025/01/29 3:27 p.m. | 16 views

CVE-2025-24792 Snowflake PHP PDO Driver has a Signed-to-Unsigned Conversion Error

Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...

4.4 CVSS | 0.00121 EPSS
Exploits: 0 | References: 1

CVE
added 2025/01/29 3:27 p.m. | 62 views

CVE-2025-24792

CVE-2025-24792 concerns the Snowflake PHP PDO Driver: executing unsupported queries (e.g., PUT/GET on stages) triggers a signed-to-unsigned conversion error that crashes the application. Affected versions are 0.2.0–3.0.3; the issue is fixed in 3.1.0. Remediation is to upgrade to 3.1.0 or later. I...

4.4 CVSS | 7 AI score | 0.00121 EPSS
Exploits: 0 | References: 1

OSV
added 2025/01/29 3:27 p.m. | 7 views

CVE-2025-24792 Snowflake PHP PDO Driver has a Signed-to-Unsigned Conversion Error

Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...

4.4 CVSS | 6.9 AI score | 0.00121 EPSS
Exploits: 0 | References: 3

Packet Storm
added 2024/08/09 12:00 a.m. | 278 views

E-Commerce Site Using PHP PDO 1.0 Cross Site Scripting

Title: E-Commerce Site using PHP PDO v1.0 XSS Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 ...

7.4 AI score
Exploits: 0

Packet Storm
added 2024/08/07 12:00 a.m. | 270 views

E-Commerce Site Using PHP PDO 1.0 Directory Traversal

Title: E-Commerce Site using PHP PDO v1.0 Directory traversal Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...

7.4 AI score
Exploits: 0

0day.today
added 2022/03/29 12:00 a.m. | 210 views

One Church Management System 1.0 SQL Injection Vulnerability

Exploit Title: One Church Management System 1.0 - attendancy.php search2 SQL Injection Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15225/church-management-software-free-download-full-version.html Version: 1.0 Tested on: Linux Title: ================ One Church...

0.5 AI score
Exploits: 0

0day.today
added 2021/03/02 12:00 a.m. | 17 views

Profiling System For Human Resource Management 1.0 Cross Site Scripting Vulnerability

Exploit Title: Profiling System For Human Resource Management | Stored XSS Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11222/profiling-system-human-resource-management.html Software...

7.4 AI score
Exploits: 0

Packet Storm
added 2021/02/01 12:00 a.m. | 192 views

Online Reviewer System 1.0 SQL Injection / Shell Upload

!/bin/bash Exploit Title: Online Reviewer System PHPPDO - RCE & ADMIN BYPASS Exploit Author: Richard Jones Date: 2021-01-31 Vendor Homepage: https://www.sourcecodester.com/php/12937/online-reviewer-system-using-phppdo.html Software Link:...

0.8 AI score
Exploits: 0

OSV
added 2020/12/02 10:15 p.m. | 4 views

CVE-2020-29285

SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php...

9.8 CVSS | 7.3 AI score | 0.01318 EPSS
Exploits: 1 | References: 3

Prion
added 2020/12/02 10:15 p.m. | 14 views

Sql injection

SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php...

7.5 CVSS | 9.7 AI score | 0.01318 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

CVE
added 2020/12/02 9:07 p.m. | 72 views

CVE-2020-29285

CVE-2020-29285 describes a SQL injection in a Point of Sales application (PHP/PDO 1.0) exploitable through the id parameter of edit_category.php. The vulnerability is exposed over the network, requires no authentication, and can impact confidentiality, integrity, and availability (per NVD CVSS 3....

9.8 CVSS | 9.7 AI score | 0.01318 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2020/12/02 9:07 p.m. | 26 views

CVE-2020-29285

SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php...

9.8 AI score | 0.01318 EPSS
Exploits: 1 | References: 2