532 matches found
Prison Management System - SQL Injection Authentication Bypass
Sql injection vulnerability was found on the login page in Prison Management System id: CVE-2024-33288 info: name: Prison Management System - SQL Injection Authentication Bypass author: s4e-io severity: high description: | Sql injection vulnerability was found on the login page in Prison Manageme...
Metasploit Wrap-Up 01/16/2026
Persistence, dMSA Abuse & RCE Goodies This week, we have received a lot of contributions from the community, such as h00die, Chocapikk and countless others, which is greatly appreciated. This week’s modules and improvements in Metasploit Framework range from new modules, such as dMSA Abuse...
Prison Management System 1.0 Authenticated RCE via Unrestricted File Upload
This module exploits an unrestricted file upload vulnerability in Prison Management System 1.0. An authenticated user can upload a PHP file with arbitrary content by abusing the avatar upload functionality in the add-admin.php endpoint. The application fails to properly validate the uploaded file...
📄 Prison Management System 1.0 Shell Upload
This Metasploit module exploits an unrestricted file upload vulnerability in Prison Management System version 1.0. An authenticated user can upload a PHP file with arbitrary content by abusing the avatar upload functionality in the add-admin.php endpoint. The application fails to properly validat...
Prison Management System search.php File SQL Injection Vulnerability
Prison Management System is a prison management system. Prison Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter keyname in the file /admin/search.php. An attacker can exploit this...
Prison Management System search1.php File SQL Injection Vulnerability
Prison Management System is a prison management system. Prison Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter keyname in the file /admin/search1.php. An attacker can exploit this...
CVE-2025-14590
A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...
CVE-2025-14589
A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...
EUVD-2025-203258
A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...
EUVD-2025-203261
A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...
CVE-2025-14590
A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...
CVE-2025-14589
A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...
CVE-2025-14589
A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...
CVE-2025-14590
A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...
CVE-2025-14590 code-projects Prison Management System search1.php sql injection
A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...
CVE-2025-14590 code-projects Prison Management System search1.php sql injection
A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...
CVE-2025-14590
The CVE-2025-14590 entry relates to code-projects Prison Management System 2.0, with SQL injection in the file /admin/search1.php via the keyname parameter. The vulnerability is exploitable remotely and an exploit has been publicly disclosed. The condition is caused by lack of input validation fo...
CVE-2025-14589
Summary (CVE-2025-14589) : The “code-projects Prison Management System 2.0” is affected by a SQL injection vulnerability in the file /admin/search.php, triggered by manipulating the parameter keyname . The underlying cause is lack of validation of externally supplied SQL, enabling remote exploita...
CVE-2025-14589 code-projects Prison Management System search.php sql injection
A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...
CVE-2025-14589
A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...