CVE-2025-61148

An Insecure Direct Object Reference IDOR vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying the 'recno' parameter in the /student/get-receipt endpoint...

CVE-2025-61148

An Insecure Direct Object Reference IDOR vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying the 'recno' parameter in the /student/get-receipt endpoint...

CVE-2025-6136

A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertPayment.php. The manipulation of the argument reciptno leads to sql injection. The attack may be initiated remotely. The...

Projectworlds Life Insurance Management System 注入漏洞

Projectworlds Life Insurance Management System is a life insurance management system from Projectworlds India. An injection vulnerability exists in Projectworlds Life Insurance Management System version 1.0, which stems from improper manipulation of the reciptno parameter and can lead to SQL...

PT-2024-16497 · Unknown · Projectworlds Life Insurance Management System

Name of the Vulnerable Software and Affected Versions: Project Worlds Life Insurance Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown part of the file /editPayment.php. The manipulation of the recipt no argument leads to SQL injection...

CVE-2022-30000

Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?reciptno=...

CVE-2022-30000

Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?reciptno=...