Lucene search
K

532 matches found

Nuclei
Nuclei
added 2026/02/04 7:0 a.m.78 views

Prison Management System - SQL Injection Authentication Bypass

Sql injection vulnerability was found on the login page in Prison Management System id: CVE-2024-33288 info: name: Prison Management System - SQL Injection Authentication Bypass author: s4e-io severity: high description: | Sql injection vulnerability was found on the login page in Prison Manageme...

7.3CVSS7.4AI score0.0081EPSS
Exploits3References2
Rapid7 Blog
Rapid7 Blog
added 2026/01/16 6:49 p.m.30 views

Metasploit Wrap-Up 01/16/2026

Persistence, dMSA Abuse & RCE Goodies This week, we have received a lot of contributions from the community, such as h00die, Chocapikk and countless others, which is greatly appreciated. This week’s modules and improvements in Metasploit Framework range from new modules, such as dMSA Abuse...

9.9CVSS7.5AI score0.97875EPSS
Exploits35
Metasploit
Metasploit
added 2026/01/08 6:56 p.m.348 views

Prison Management System 1.0 Authenticated RCE via Unrestricted File Upload

This module exploits an unrestricted file upload vulnerability in Prison Management System 1.0. An authenticated user can upload a PHP file with arbitrary content by abusing the avatar upload functionality in the add-admin.php endpoint. The application fails to properly validate the uploaded file...

8.8CVSS5.9AI score0.03275EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/01/08 12:0 a.m.155 views

📄 Prison Management System 1.0 Shell Upload

This Metasploit module exploits an unrestricted file upload vulnerability in Prison Management System version 1.0. An authenticated user can upload a PHP file with arbitrary content by abusing the avatar upload functionality in the add-admin.php endpoint. The application fails to properly validat...

8.8CVSS7.1AI score0.03275EPSS
Exploits3
CNVD
CNVD
added 2025/12/25 12:0 a.m.4 views

Prison Management System search.php File SQL Injection Vulnerability

Prison Management System is a prison management system. Prison Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter keyname in the file /admin/search.php. An attacker can exploit this...

8.8CVSS8.3AI score0.00307EPSS
Exploits1References1
CNVD
CNVD
added 2025/12/25 12:0 a.m.2 views

Prison Management System search1.php File SQL Injection Vulnerability

Prison Management System is a prison management system. Prison Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter keyname in the file /admin/search1.php. An attacker can exploit this...

9.8CVSS8.3AI score0.00385EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/14 12:2 p.m.10 views

CVE-2025-14590

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

9.8CVSS7AI score0.00385EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/14 11:0 a.m.8 views

CVE-2025-14589

A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...

8.8CVSS6.3AI score0.00307EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/13 6:30 p.m.7 views

EUVD-2025-203258

A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...

6.5CVSS6.3AI score0.00307EPSS
Exploits1References6
EUVD
EUVD
added 2025/12/13 6:30 p.m.4 views

EUVD-2025-203261

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

7.5CVSS6.6AI score0.00385EPSS
Exploits1References6
NVD
NVD
added 2025/12/13 4:16 p.m.5 views

CVE-2025-14590

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

9.8CVSS0.00385EPSS
Exploits1References5
OSV
OSV
added 2025/12/13 4:16 p.m.5 views

CVE-2025-14589

A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...

8.8CVSS5.7AI score0.00307EPSS
Exploits1References5
NVD
NVD
added 2025/12/13 4:16 p.m.5 views

CVE-2025-14589

A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...

8.8CVSS0.00307EPSS
Exploits1References5
OSV
OSV
added 2025/12/13 4:16 p.m.3 views

CVE-2025-14590

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

9.8CVSS5.8AI score0.00385EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/13 12:2 p.m.2 views

CVE-2025-14590 code-projects Prison Management System search1.php sql injection

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

7.5CVSS6.7AI score0.00385EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/12/13 12:2 p.m.28 views

CVE-2025-14590 code-projects Prison Management System search1.php sql injection

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

7.5CVSS0.00385EPSS
Exploits1References5
CVE
CVE
added 2025/12/13 12:2 p.m.15 views

CVE-2025-14590

The CVE-2025-14590 entry relates to code-projects Prison Management System 2.0, with SQL injection in the file /admin/search1.php via the keyname parameter. The vulnerability is exploitable remotely and an exploit has been publicly disclosed. The condition is caused by lack of input validation fo...

9.8CVSS7.3AI score0.00385EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2025/12/13 10:32 a.m.16 views

CVE-2025-14589

Summary (CVE-2025-14589) : The “code-projects Prison Management System 2.0” is affected by a SQL injection vulnerability in the file /admin/search.php, triggered by manipulating the parameter keyname . The underlying cause is lack of validation of externally supplied SQL, enabling remote exploita...

8.8CVSS6.3AI score0.00307EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/12/13 10:32 a.m.29 views

CVE-2025-14589 code-projects Prison Management System search.php sql injection

A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...

6.5CVSS0.00307EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2025/12/13 10:32 a.m.6 views

CVE-2025-14589

A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made...

8.8CVSS5.4AI score0.00307EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder