CVE-2025-14566

CVE-2025-14566 affects kidaze CourseSelectionSystem, where manipulation of the USN argument in /Profilers/SProfile/reg.php enables SQL injection. The vulnerability is exploitable remotely, and public exploits exist per initial documents. The exploitation targets the unknown function in reg.php, w...

PT-2025-50944

Name of the Vulnerable Software and Affected Versions kidaze CourseSelectionSystem versions prior to 42cd892b40a18d50bd4ed1905fa89f939173a464 Description A security flaw exists in kidaze CourseSelectionSystem. Manipulation of the USN argument in the /Profilers/SProfile/reg.php file can lead to SQ...

Church Donation System reg.php File SQL Injection Vulnerability

The Church Donation System is a system of church giving. Church Donation System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter mobile in the file /reg.php. An attacker can exploit this vulnerability to execut...

CVE-2025-7830 code-projects Church Donation System reg.php sql injection

A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /reg.php. The manipulation of the argument mobile leads to sql injection. The attack may be launched remotely. The exploit has bee...

PT-2025-12444 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file activate reg.php. The manipulation of the ID argument leads to SQL injection...

PT-2025-12445 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A critical issue has been identified, affecting the file deactivate reg.php. The manipulation of the ID argument leads to SQL injection. This issue can be...

CVE-2023-7191

A vulnerability, which was classified as critical, was found in S-CMS up to 2.0build20220529-20231006. This affects an unknown part of the file member/reg.php. The manipulation of the argument Mlogin/Memail leads to sql injection. The exploit has been disclosed to the public and may be used. The...

Sql injection

A vulnerability, which was classified as critical, was found in S-CMS up to 2.0build20220529-20231006. This affects an unknown part of the file member/reg.php. The manipulation of the argument Mlogin/Memail leads to sql injection. The exploit has been disclosed to the public and may be used. The...

CVE-2023-7191 S-CMS reg.php sql injection

A vulnerability, which was classified as critical, was found in S-CMS up to 2.0build20220529-20231006. This affects an unknown part of the file member/reg.php. The manipulation of the argument Mlogin/Memail leads to sql injection. The exploit has been disclosed to the public and may be used. The...

CVE-2023-7191 S-CMS reg.php sql injection

A vulnerability, which was classified as critical, was found in S-CMS up to 2.0build20220529-20231006. This affects an unknown part of the file member/reg.php. The manipulation of the argument Mlogin/Memail leads to sql injection. The exploit has been disclosed to the public and may be used. The...

CVE-2021-39427

Cross site scripting vulnerability in 188Jianzhan 2.10 allows attackers to execute arbitrary code via the username parameter to /admin/reg.php...

CVE-2020-22818

MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter...

Sql injection

MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter...

CVE-2020-22818

MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter...

CVE-2020-22818

MKCMS V6.2 contains a SQL injection vulnerability in the /ucenter/reg.php endpoint, exploitable via the name parameter. Affected software: MKCMS V6.2; vulnerability type: SQL injection; root cause: unsanitized input in the name parameter leading to database query manipulation. Potential impact pe...

zwerg-schnauzer.info XSS vulnerability

Open Bug Bounty ID: OBB-667026 Description| Value ---|--- Affected Website:| zwerg-schnauzer.info Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Allen Disk Security Bypass Vulnerability

Allen Disk is a free, open source cloud-based hard disk product that features encrypted file storage, online preview, file sharing and more. A security bypass vulnerability exists in the reg.php file in Allen Disk version 1.6. An attacker can exploit this vulnerability to bypass CAPTCHA with the...

CVE-2017-9090

reg.php in Allen Disk 1.6 doesn't check if isset$SESSION'captcha''code'==1, which makes it possible to bypass the CAPTCHA via an empty $POST'captcha'...

Design/Logic Flaw

reg.php in Allen Disk 1.6 doesn't check if isset$SESSION'captcha''code'==1, which makes it possible to bypass the CAPTCHA via an empty $POST'captcha'...

CVE-2017-9090

reg.php in Allen Disk 1.6 doesn't check if isset$SESSION'captcha''code'==1, which makes it possible to bypass the CAPTCHA via an empty $POST'captcha'...