26 matches found
CVE-2025-14179
In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat, which stops at...
CVE-2021-36438
The CVE-2021-36438 entry concerns a SQL injection in the Sourcecodester Online Job Portal phppdo 1.0, exploitable via the category parameter in /jobportal/index.php. Affected component: the phppdo 1.0 web app; root cause is unvalidated input in category leading to SQL injection. Impact is describ...
AZL-73201 CVE-2025-14180 affecting package php for versions less than 8.3.29-1
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...
EUVD-2020-21660
Malware in sbrugna...
EUVD-2025-3948
Malicious code in bioql PyPI...
Exploit for CVE-2025-32429
CVE-2025-32429 – SQL Injection in PHP PDO Prepared Statements...
CVE-2025-24792
Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...
CVE-2025-24792
CVE-2025-24792 concerns the Snowflake PHP PDO Driver: executing unsupported queries (e.g., PUT/GET on stages) triggers a signed-to-unsigned conversion error that crashes the application. Affected versions are 0.2.0–3.0.3; the issue is fixed in 3.1.0. Remediation is to upgrade to 3.1.0 or later. I...
CVE-2025-24792 Snowflake PHP PDO Driver has a Signed-to-Unsigned Conversion Error
Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...
E-Commerce Site Using PHP PDO 1.0 Cross Site Scripting
Title: E-Commerce Site using PHP PDO v1.0 XSS Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 ...
E-Commerce Site Using PHP PDO 1.0 Directory Traversal
Title: E-Commerce Site using PHP PDO v1.0 Directory traversal Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
One Church Management System 1.0 SQL Injection Vulnerability
Exploit Title: One Church Management System 1.0 - attendancy.php search2 SQL Injection | Exploit Author: Mr Empy | Software Link: https://www.sourcecodester.com/php/15225/church-management-software-free-download-full-version.html | Version: 1.0 | Tested on: Linux | Title: One Church...
Profiling System For Human Resource Management 1.0 Cross Site Scripting Vulnerability
Exploit Title: Profiling System For Human Resource Management | Stored XSS Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11222/profiling-system-human-resource-management.html Software...
Online Reviewer System 1.0 SQL Injection / Shell Upload
!/bin/bash Exploit Title: Online Reviewer System PHPPDO - RCE & ADMIN BYPASS Exploit Author: Richard Jones Date: 2021-01-31 Vendor Homepage: https://www.sourcecodester.com/php/12937/online-reviewer-system-using-phppdo.html Software Link:...
CVE-2020-29285
SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php...
Sql injection
SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php...
CVE-2020-29285
CVE-2020-29285 describes a SQL injection in a Point of Sales application (PHP/PDO 1.0) exploitable through the id parameter of edit_category.php. The vulnerability is exposed over the network, requires no authentication, and can impact confidentiality, integrity, and availability (per NVD CVSS 3....