Student File Management System stud_no Parameter SQL Injection Vulnerability

Student File Management System is a student file management system. Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter studentno in the file loginquery.php. An attacker can...

PT-2025-51128

A vulnerability was determined in code-projects Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/login query.php. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit...

EUVD-2025-28884

Malicious code in bioql PyPI...

CVE-2025-9740 code-projects Human Resource Integrated System log_query.php sql injection

A vulnerability was found in code-projects Human Resource Integrated System 1.0. This affects an unknown part of the file /logquery.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

CVE-2025-9740

CVE-2025-9740 affects code-projects Human Resource Integrated System 1.0. The vulnerability is in /log_query.php where manipulation of the ID parameter enables SQL injection, with remote exploitation and public availability of the exploit. Multiple sources corroborate the issue across vendors and...

Tongda2000 SQL注入漏洞

Tongda2000 is a web-based intelligent office system from Tongda, China. a SQL injection vulnerability exists in Tongda2000 v11.10, which stems from the product's failure to effectively filter the special characters in the DELETESTR parameter data in the deletequery.php file. An attacker could...