EUVD-2024-31033

Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...

CVE-2024-33288

Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...

PT-2026-38668

Name of the Vulnerable Software and Affected Versions Prison Management System Using PHP version 1.0 Description An issue exists on the Admin login page where the username parameter is susceptible to SQL injection, a technique that allows an attacker to interfere with the queries that an...

CVE-2024-33288

Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...

CVE-2024-33288

Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...

CVE-2026-2177 SourceCodester Prison Management System Login session fixiation

A vulnerability has been found in SourceCodester Prison Management System 1.0. The impacted element is an unknown function of the component Login. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

CVE-2026-2177 SourceCodester Prison Management System Login session fixiation

A vulnerability has been found in SourceCodester Prison Management System 1.0. The impacted element is an unknown function of the component Login. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

EUVD-2026-5773

A vulnerability has been found in SourceCodester Prison Management System 1.0. The impacted element is an unknown function of the component Login. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

CVE-2026-2177

A vulnerability has been found in SourceCodester Prison Management System 1.0. The impacted element is an unknown function of the component Login. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

SourceCodester Prison Management System 授权问题漏洞

The SourceCodester Prison Management System is an open-source prison management system developed by SourceCodester. Version 1.0 of the SourceCodester Prison Management System has vulnerabilities related to authorization issues. These vulnerabilities stem from session fixation, which may lead to...

PT-2026-7009

Name of the Vulnerable Software and Affected Versions SourceCodester Prison Management System version 1.0 Description A session fixation issue exists in the Login component of the software. The issue is triggered through manipulation of an unknown function within the Login component and can be...

Prison Management System - SQL Injection Authentication Bypass

Sql injection vulnerability was found on the login page in Prison Management System id: CVE-2024-33288 info: name: Prison Management System - SQL Injection Authentication Bypass author: s4e-io severity: high description: | Sql injection vulnerability was found on the login page in Prison Manageme...

Metasploit Wrap-Up 01/16/2026

Persistence, dMSA Abuse & RCE Goodies This week, we have received a lot of contributions from the community, such as h00die, Chocapikk and countless others, which is greatly appreciated. This week’s modules and improvements in Metasploit Framework range from new modules, such as dMSA Abuse...

Prison Management System 1.0 Authenticated RCE via Unrestricted File Upload

This module exploits an unrestricted file upload vulnerability in Prison Management System 1.0. An authenticated user can upload a PHP file with arbitrary content by abusing the avatar upload functionality in the add-admin.php endpoint. The application fails to properly validate the uploaded file...

📄 Prison Management System 1.0 Shell Upload

This Metasploit module exploits an unrestricted file upload vulnerability in Prison Management System version 1.0. An authenticated user can upload a PHP file with arbitrary content by abusing the avatar upload functionality in the add-admin.php endpoint. The application fails to properly validat...

Prison Management System search.php File SQL Injection Vulnerability

Prison Management System is a prison management system. Prison Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter keyname in the file /admin/search.php. An attacker can exploit this...

Prison Management System search1.php File SQL Injection Vulnerability

Prison Management System is a prison management system. Prison Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter keyname in the file /admin/search1.php. An attacker can exploit this...

CVE-2025-14590

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2025-14589

A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...

EUVD-2025-203261

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...