38 matches found
CVE-2025-7605
A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has been...
Code-Projects AVL Rooms 安全漏洞
Code-Projects AVL Rooms is an AVL room system from Code-Projects open source. A security vulnerability exists in Code-Projects AVL Rooms version 1.0, which stems from SQL injection due to incorrect manipulation of the parameter firstname in the file /profile.php...
CVE-2025-7126
A vulnerability, which was classified as critical, has been found in itsourcecode Employee Management System up to 1.0. Affected by this issue is some unknown functionality of the file /admin/adminprofile.php. The manipulation of the argument AdminName leads to sql injection. The attack may be...
CVE-2025-4358
A vulnerability classified as critical has been found in PHPGurukul Company Visitor Management System 2.0. Affected is an unknown function of the file /admin-profile.php. The manipulation of the argument adminname/mobilenumber leads to sql injection. It is possible to launch the attack remotely...
CVE-2025-29369
Code-Projects Matrimonial Site V1.0 is vulnerable to SQL Injection in /viewprofile.php?id=1...
CVE-2025-3184 projectworlds Online Doctor Appointment Booking System profile.php sql injection
A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This issue affects some unknown processing of the file /patient/profile.php?patientId=1. The manipulation of the argument patientFirstName leads to sql injection. The attack may be...
Restaurant Table Booking System /admin/profile.php File SQL Injection Vulnerability
Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that stems from an incorrect operation of the parameter mobilenumber in the /admin/profile.php file that can lead to SQL injection. No details of th...
PT-2025-6850 · Code Projects · Code-Projects Wazifa System
Name of the Vulnerable Software and Affected Versions: code-projects Wazifa System version 1.0 Description: A vulnerability was found in the processing of the file /Profile.php, where the manipulation of the postcontent argument leads to cross-site scripting. The attack may be initiated remotely...
CVE-2024-10765
A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the argument oldimage leads to unrestricted upload. The attack can be initiated remotely. The exploit ha...
CVE-2024-10450
A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /kortexlite/control/editprofile.php of the component POST Parameter Handler. The manipulation of the argument id leads...
CVE-2024-1007
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file editprofile.php. The manipulation of the argument txtfullname leads to sql injection. It is possible to launch the attack remotely. The explo...
CVE-2024-0782
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file pass-profile.php. The manipulation of the argument First Name/Last Name/User Name leads to cross site scripting. The attack can be...
Online Railway Reservation System Cross-Site Scripting Vulnerability
Online Railway Reservation system is a web-based application that provides an online platform for railroad or train station passengers or potential passengers to browse their schedules and book seats. A cross-site scripting vulnerability exists in Online Railway Reservation System version 1.0,...
PT-2023-26659 · Unknown · Campcodes Beauty Salon Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Beauty Salon Management System version 1.0 Description: A vulnerability was found in the system, affecting some unknown functionality of the file /admin/admin-profile.php. The manipulation of the adminname argument leads to cross si...
CVE-2022-38305
AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the component /admin/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
FS Linkedin Clone SQL Injection Vulnerability
FS Linkedin Clone is a set of PHP and MySQL based scripts for job search and recruitment websites. A SQL injection vulnerability exists in FS Linkedin Clone version 1.0. A remote attacker can exploit this vulnerability by sending the 'grid' parameter to the group.php file, the 'fid' parameter to...
CVE-2017-17579
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter...
FS Freelancer Clone 1.0 - profile.php?u SQL Injection
FS Freelancer Clone 1.0 - profile.php?u SQL Injection Exploit Title: FS Freelancer Clone 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/freelancer-clone/ Demo: http://freelancer-clone.demonstration.co.i...