CVE-2025-25462

A SQL Injection vulnerability was found in /admin/add-propertytype.php in PHPGurukul Land Record System Project in PHP v1.0 allows remote attackers to execute arbitrary code via the propertytype POST request parameter...

CVE-2025-25462

A SQL Injection vulnerability was found in /admin/add-propertytype.php in PHPGurukul Land Record System Project in PHP v1.0 allows remote attackers to execute arbitrary code via the propertytype POST request parameter...

CVE-2023-41505

An arbitrary file upload vulnerability in the Add Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2023-41503

Student Enrollment In PHP v1.0 was discovered to contain a SQL injection vulnerability via the Login function...

CVE-2023-41503

Student Enrollment In PHP v1.0 was discovered to contain a SQL injection vulnerability via the Login function...

CVE-2023-41503

CVE-2023-41503 affects the open-source “Student Enrollment In PHP v1.0.” The vulnerability is a SQL injection in the Login function, caused by unsafe SQL handling in the authentication flow. It is rated CVSS v3.1 base score 9.8 (CRITICAL) with Network attack vector, no privileges required, no use...

CVE-2023-41506

An arbitrary file upload vulnerability in the Update/Edit Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2023-41506

An arbitrary file upload vulnerability in the Update/Edit Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2024-22917

SQL injection vulnerability in Dynamic Lab Management System Project in PHP v.1.0 allows a remote attacker to execute arbitrary code via a crafted script...

Online Leave Management System 1.0 SQL Injection

Exploit Title: OLMS - PHP by: oretnom23 v1.0 SQL-Injection-Bypass-Authentication in /leavesystem/classes/Login.php. Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 08.31.2021 Vendor: https://www.sourcecodester.com/php/14910/online-leave-management-system-php-free-source-code.html...

CVE-2019-10708

S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter...

Cross site request forgery (csrf)

S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via the 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0 URI, a related issue to CVE-2019-9040...

Simple Blog PHP v1.0 - Multiple Web Vulnerabilities

Document Title: =============== Simple Blog PHP v1.0 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=602 Release Date: ============= 2012-06-08 Vulnerability Laboratory ID VL-ID: ==================================== 602...

Mms Gallery PHP 1.0 - id Remote File Disclosure

Mms Gallery PHP 1.0 - id Remote File Disclosure MMS Gallery in PHP v1.0 id Remote File Disclosure Vulnerability D.Script : http://www.mms2web.com/mmsgalleryphp.zip POC : /mmstemplate/getimage.php?id=../../../../../../../../etc/passwd /mmstemplate/getfile.php?id=../../../../../../../../etc/passwd...

mms-lfi.txt

MMS Gallery in PHP v1.0 id Remote File Disclosure Vulnerability D.Script : http://www.mms2web.com/mmsgalleryphp.zip POC : /mmstemplate/getimage.php?id=../../../../../../../../etc/passwd /mmstemplate/getfile.php?id=../../../../../../../../etc/passwd...