Lucene search
K

38 matches found

OSV
OSV
added 2025/07/14 1:15 p.m.5 views

CVE-2025-7605

A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has been...

9.8CVSS5.8AI score0.00396EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/07/14 12:0 a.m.5 views

Code-Projects AVL Rooms 安全漏洞

Code-Projects AVL Rooms is an AVL room system from Code-Projects open source. A security vulnerability exists in Code-Projects AVL Rooms version 1.0, which stems from SQL injection due to incorrect manipulation of the parameter firstname in the file /profile.php...

9.8CVSS7.8AI score0.00396EPSS
Exploits1References6
OSV
OSV
added 2025/07/07 12:15 p.m.4 views

CVE-2025-7126

A vulnerability, which was classified as critical, has been found in itsourcecode Employee Management System up to 1.0. Affected by this issue is some unknown functionality of the file /admin/adminprofile.php. The manipulation of the argument AdminName leads to sql injection. The attack may be...

7.2CVSS5.7AI score
Exploits0References5
OSV
OSV
added 2025/05/06 2:15 p.m.5 views

CVE-2025-4358

A vulnerability classified as critical has been found in PHPGurukul Company Visitor Management System 2.0. Affected is an unknown function of the file /admin-profile.php. The manipulation of the argument adminname/mobilenumber leads to sql injection. It is possible to launch the attack remotely...

9.8CVSS5.8AI score0.00438EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/04/05 12:32 a.m.27 views

CVE-2025-29369

Code-Projects Matrimonial Site V1.0 is vulnerable to SQL Injection in /viewprofile.php?id=1...

9.8CVSS8.4AI score0.00615EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/03 10:31 p.m.13 views

CVE-2025-3184 projectworlds Online Doctor Appointment Booking System profile.php sql injection

A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This issue affects some unknown processing of the file /patient/profile.php?patientId=1. The manipulation of the argument patientFirstName leads to sql injection. The attack may be...

7.5CVSS0.00551EPSS
Exploits1References4
CNVD
CNVD
added 2025/03/11 12:0 a.m.4 views

Restaurant Table Booking System /admin/profile.php File SQL Injection Vulnerability

Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that stems from an incorrect operation of the parameter mobilenumber in the /admin/profile.php file that can lead to SQL injection. No details of th...

9.8CVSS8.1AI score0.00383EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/02/12 12:0 a.m.4 views

PT-2025-6850 · Code Projects · Code-Projects Wazifa System

Name of the Vulnerable Software and Affected Versions: code-projects Wazifa System version 1.0 Description: A vulnerability was found in the processing of the file /Profile.php, where the manipulation of the postcontent argument leads to cross-site scripting. The attack may be initiated remotely...

5.4CVSS6.6AI score0.00313EPSS
Exploits1References10
OSV
OSV
added 2024/11/04 4:15 p.m.5 views

CVE-2024-10765

A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the argument oldimage leads to unrestricted upload. The attack can be initiated remotely. The exploit ha...

9.8CVSS5.5AI score0.00519EPSS
Exploits1References4
OSV
OSV
added 2024/10/28 3:15 p.m.3 views

CVE-2024-10450

A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /kortexlite/control/editprofile.php of the component POST Parameter Handler. The manipulation of the argument id leads...

9.8CVSS6.5AI score0.00543EPSS
Exploits1References5
OSV
OSV
added 2024/01/29 4:15 p.m.3 views

CVE-2024-1007

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file editprofile.php. The manipulation of the argument txtfullname leads to sql injection. It is possible to launch the attack remotely. The explo...

7.2CVSS5.7AI score0.00589EPSS
Exploits1References3
OSV
OSV
added 2024/01/22 5:15 p.m.4 views

CVE-2024-0782

A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file pass-profile.php. The manipulation of the argument First Name/Last Name/User Name leads to cross site scripting. The attack can be...

6.1CVSS3.8AI score
Exploits0References3
CNNVD
CNNVD
added 2024/01/22 12:0 a.m.6 views

Online Railway Reservation System Cross-Site Scripting Vulnerability

Online Railway Reservation system is a web-based application that provides an online platform for railroad or train station passengers or potential passengers to browse their schedules and book seats. A cross-site scripting vulnerability exists in Online Railway Reservation System version 1.0,...

6.1CVSS6.2AI score0.00571EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/07/25 12:0 a.m.4 views

PT-2023-26659 · Unknown · Campcodes Beauty Salon Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Beauty Salon Management System version 1.0 Description: A vulnerability was found in the system, affecting some unknown functionality of the file /admin/admin-profile.php. The manipulation of the adminname argument leads to cross si...

6.1CVSS4.3AI score0.00519EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2022/09/13 11:15 p.m.5 views

CVE-2022-38305

AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the component /admin/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

8.8CVSS6.1AI score0.00947EPSS
Exploits1References2
CNVD
CNVD
added 2017/12/15 12:0 a.m.3 views

FS Linkedin Clone SQL Injection Vulnerability

FS Linkedin Clone is a set of PHP and MySQL based scripts for job search and recruitment websites. A SQL injection vulnerability exists in FS Linkedin Clone version 1.0. A remote attacker can exploit this vulnerability by sending the 'grid' parameter to the group.php file, the 'fid' parameter to...

9.8CVSS8AI score0.02978EPSS
Exploits1References1
OSV
OSV
added 2017/12/13 9:29 a.m.6 views

CVE-2017-17579

FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter...

9.8CVSS5.8AI score
Exploits0References2
exploitpack
exploitpack
added 2017/12/09 12:0 a.m.22 views

FS Freelancer Clone 1.0 - profile.php?u SQL Injection

FS Freelancer Clone 1.0 - profile.php?u SQL Injection Exploit Title: FS Freelancer Clone 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/freelancer-clone/ Demo: http://freelancer-clone.demonstration.co.i...

0.1AI score
Exploits0
Rows per page
Query Builder