CVE-2026-33405 Pi-hole has a Stored HTML Injection in queries.js

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, the formatInfo function in queries.js renders data.upstream, data.client.ip, and data.ede.text into HTML without escaping when a user expands a...

CVE-2026-2058

A flaw has been found in mathurvishal CloudClassroom-PHP-Project up to 5dadec098bfbbf3300d60c3494db3fb95b66e7be. This impacts an unknown function of the file /postquerypublic.php of the component Post Query Details Page. This manipulation of the argument gnamex causes sql injection. The attack is...

CVE-2026-2058

A flaw has been found in mathurvishal CloudClassroom-PHP-Project up to 5dadec098bfbbf3300d60c3494db3fb95b66e7be. This impacts an unknown function of the file /postquerypublic.php of the component Post Query Details Page. This manipulation of the argument gnamex causes sql injection. The attack is...

CVE-2026-2058 mathurvishal CloudClassroom-PHP-Project Post Query Details postquerypublic.php sql injection

A flaw has been found in mathurvishal CloudClassroom-PHP-Project up to 5dadec098bfbbf3300d60c3494db3fb95b66e7be. This impacts an unknown function of the file /postquerypublic.php of the component Post Query Details Page. This manipulation of the argument gnamex causes sql injection. The attack is...

CVE-2026-2058 mathurvishal CloudClassroom-PHP-Project Post Query Details postquerypublic.php sql injection

A flaw has been found in mathurvishal CloudClassroom-PHP-Project up to 5dadec098bfbbf3300d60c3494db3fb95b66e7be. This impacts an unknown function of the file /postquerypublic.php of the component Post Query Details Page. This manipulation of the argument gnamex causes sql injection. The attack is...

PT-2026-6731

Name of the Vulnerable Software and Affected Versions mathurvishal CloudClassroom-PHP-Project versions prior to 5dadec098bfbbf3300d60c3494db3fb95b66e7be Description A flaw exists in the Post Query Details Page component of mathurvishal CloudClassroom-PHP-Project. The issue involves a SQL injectio...

CloudClassroom-PHP-Project SQL注入漏洞

CloudClassroom-PHP-Project is a cloud classroom website developed by Vishal Mathur. CloudClassroom-PHP-Project has a SQL injection vulnerability, which stems from incorrect handling of the parameter “gnamex” in the component “Post Query Details Page”. This could lead to SQL injection attacks...

CVE-2025-5246

A vulnerability classified as critical was found in Campcodes Online Hospital Management System 1.0. This vulnerability affects unknown code of the file /hms/admin/query-details.php. The manipulation of the argument adminremark leads to sql injection. The attack can be initiated remotely. The...

CampCodes Online Hospital Management System 安全漏洞

CampCodes Online Hospital Management System is an online hospital management system from CampCodes, Inc. A security vulnerability exists in CampCodes Online Hospital Management System version 1.0, which is caused by a SQL injection due to an incorrect manipulation of the parameter adminremark in...

CVE-2024-46239

Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /doctor/edit-profile.php and adminremark parameter in /admin/query-details.php...

CVE-2024-46239

Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /doctor/edit-profile.php and adminremark parameter in /admin/query-details.php...

PT-2024-31930 · Unknown · Phpgurukul Hospital Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System version 4.0 Description: The issue concerns cross-site scripting vulnerabilities in the PHPGurukul Hospital Management System. These vulnerabilities exist via the docname parameter in...

CVE-2024-46239

CVE-2024-46239 involves multiple cross-site scripting vulnerabilities in PHPGurukul Hospital Management System v4.0. The flaws are triggered via user-controlled input in the docname parameter of /doctor/edit-profile.php and the adminremark parameter of /admin/query-details.php, enabling XSS in af...

CVE-2024-0364

A vulnerability, which was classified as critical, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file admin/query-details.php. The manipulation of the argument adminremark leads to sql injection. The exploit has been disclosed to the public and may be...

PHPGurukul Hospital Management System SQL Injection Vulnerability

PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. A SQL injection vulnerability exists in PHPGurukul Hospital Management System version 1.0, which originates from a SQL injection vulnerability in the adminremark parameter of the admin/query-details.php pag...