CVE-2026-6163

A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument cat leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

CVE-2026-6167 code-projects Faculty Management System subject-print.php sql injection

A vulnerability was detected in code-projects Faculty Management System 1.0. Impacted is an unknown function of the file /subject-print.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2026-3830 Product Filter for WooCommerce by WBW < 3.1.3 - Unauthenticated SQLi

The Product Filter for WooCommerce by WBW WordPress plugin before 3.1.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

CVE-2025-15441

The CVE concerns the WordPress plugin Form Maker by 10Web. Versions prior to 1.15.38 expose a SQL Injection risk due to improper preparation of SQL queries when the MySQL Mapping feature is used. Affected product: Form Maker by 10Web (WordPress plugin); vulnerable component: SQL query handling wi...

CVE-2026-6163

CVE-2026-6163 : In code-projects Lost and Found Thing Management 1.0, manipulation of the argument cat in /catageory.php enables SQL injection via an unsanitized input parameter. The issue is exploitable remotely and the exploit is publicly available. The CVSS metrics in the connected documents i...

CVE-2026-6153

A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. Impacted is an unknown function of the file /util/StaffDetailsFunction.php. Such manipulation of the argument STAFFID leads to sql injection. The attack can be launched remotely. The exploit is publicly...

EUVD-2026-21778

A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/StaffAddingFunction.php. This manipulation of the argument STAFFID causes sql injection. The attack can be initiated remotely. The exploit has been...

EUVD-2026-21780

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

CVE-2026-6142 tushar-2223 Hotel Management System roomdelete.php sql injection

A vulnerability was identified in tushar-2223 Hotel Management System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. Affected by this vulnerability is an unknown functionality of the file /admin/roomdelete.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of th...

CVE-2026-36873

Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/loadadmin.php...

PT-2026-32332

Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load book.php...

SourceCodester Cab Management System 安全漏洞

SourceCodester Cab Management System is an open-source taxi management system developed by SourceCodester. Version 1.0 of the SourceCodester Cab Management System has a security vulnerability, which stems from SQL injection in the /cms/admin/categories/viewcategory.php file...

PT-2026-32337

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php...

SourceCodester Online Thesis Archiving System 安全漏洞

The SourceCodester Online Thesis Archiving System is an open-source online thesis archiving system developed by SourceCodester. Version 1.0 of the SourceCodester Online Thesis Archiving System contains a security vulnerability, which stems from SQL injection in the file...

SourceCodester Online Resort Management System 安全漏洞

The SourceCodester Online Resort Management System is an open-source network-based application developed by SourceCodester. It provides online room booking capabilities and can also be used as a simple website for resorts. Version 1.0 of the SourceCodester Online Resort Management System has a...

WordPress plugin Form Maker by 10Web 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

CVE-2026-36943

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/managerepair.php...

Code-Projects Lost and Found Thing Management SQL注入漏洞

Code-Projects Lost and Found Thing Management is an open-source lost and found management tool developed by Code-Projects. Version 1.0 of Code-Projects Lost and Found Thing Management contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “cata”...

Code-Projects Vehicle Showroom Management System SQL注入漏洞

The Code-Projects Vehicle Showroom Management System is an open-source system for managing automobile showrooms developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from improper handling ...