CVE-2025-45542

SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...

CVE-2025-45542

SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...

CVE-2025-45542

CVE-2025-45542 affects CloudClassroom-PHP-Project v1.0, specifically the registrationform endpoint where the pass parameter is not properly validated, enabling a time-based blind SQL injection. Multiple connected sources corroborate that an unauthenticated remote attacker can manipulate backend S...

CVE-2024-57459

A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands...

CVE-2025-45542

SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...

PT-2025-23532 · Unknown · Cloudclassroom-Php Project

Name of the Vulnerable Software and Affected Versions: CloudClassroom-PHP-Project version 1.0 Description: A SQL injection vulnerability exists in the registrationform endpoint of CloudClassroom-PHP-Project due to improper input validation, allowing attackers to inject SQL queries. The pass...

PT-2025-23534 · Unknown · Cloudclassroom-Php Project

Name of the Vulnerable Software and Affected Versions: CloudClassroom PHP Project version 1.0 Description: A time-based SQL injection issue exists due to improper validation of user input in the myds parameter of the mydetailsstudent.php file. This allows an attacker to inject arbitrary SQL...

CVE-2024-2266

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file /login.php of the component Login Page. The manipulation of the argument emailcookie/passwordcookie leads to cross site scripting. The attac...

CVE-2024-2355

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /secretcoder.sql. The manipulation leads to inclusion of sensitive information in source code. The attack can be launched...

CVE-2023-23156

Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the pid parameter in the single-product page...

CVE-2024-57423

A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker to execute arbitrary code via the exid parameter of the assessment function...

CVE-2024-57423

A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker to execute arbitrary code via the exid parameter of the assessment function...

CVE-2024-57423

CVE-2024-57423 describes a Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0, where the exid parameter of the assessment function can be exploited to execute arbitrary code by a remote attacker. The NVD entry assigns CVSS‑3.1 metrics: AV:N, AC:L, PR:N, UI:R, S:C, C:L/I:L/A:N, ...

CVE-2024-48963

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning truste...

OS Command Injection

snyk-php-plugin is vulnerable to OS Command Injection. The vulnerability is due to improper handling of the current working directory name, allowing code injection if Snyk test is run inside an untrusted PHP project...

CVE-2024-48579

SQL Injection vulnerability in Best House rental management system project in php v.1.0 allows a remote attacker to execute arbitrary code via the username parameter of the login request...

CVE-2024-48963

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory name. Snyk recommends only scanning truste...

PT-2024-33300 · Snyk · Snyk Cli

Name of the Vulnerable Software and Affected Versions: Snyk CLI versions prior to 1.1294.0 Description: The issue is related to Code Injection when scanning an untrusted PHP project. It can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current...

Live Membership Management System 1.0 Code Injection

============================================================================================================================================= | Title : Live Membership Management System version 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser ...

Goati Track 1.0-2023 Insecure Settings

============================================================================================================================================= | Title : Gaati track v1.0-2023 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1...