3965 matches found
CVE-2025-4506
A vulnerability was found in Campcodes Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /routers/menu-router.php. The manipulation of the argument 1price leads to sql injection. The attack may be launched remotely. Th...
CVE-2025-4505
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /category.php. The manipulation of the argument categoryname leads to sql injection. The attack can be launche...
CVE-2025-4464
A vulnerability has been found in itsourcecode Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=saveplan. The manipulation of the argument plan leads to sql injection. The attack can be launched remotely...
CVE-2025-4456
A vulnerability classified as critical has been found in Project Worlds Car Rental Project 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...
CVE-2025-4362
A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=savemembership. The manipulation of the argument memberid leads to sql injection. The attack can be initiated remotely. The exploit has...
CVE-2025-4360
A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The explo...
CVE-2025-4359
A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletemember. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The...
CVE-2025-4314
A vulnerability has been found in SourceCodester Advanced Web Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument txtLogin leads to sql injection. The attack can be launched remotely. The...
CVE-2025-4313
A vulnerability, which was classified as critical, was found in SourceCodester Advanced Web Store 1.0. Affected is an unknown function of the file /admin/adminaddnewproduct.php. The manipulation of the argument txtProdId leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2025-4307
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been classified as critical. Affected is an unknown function of the file /admin/add-art-medium.php. The manipulation of the argument artmed leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2025-4250
A vulnerability was found in code-projects Nero Social Networking Site 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument fname/lname/login/password2/cpassword/address/cnumber/email/gender/propic/month leads to sql...
CVE-2025-4213
CVE-2025-4213 affectsPHPGurukul Online Birth Certificate System 1.0, specifically the file /admin/search.php. The root cause is improper handling/validation of the searchdata parameter, enabling an SQL injection vulnerability. Exploitation can be performed remotely; multiple sources indicate the ...
CVE-2025-4196
A vulnerability was found in SourceCodester Patient Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /birthing.php. The manipulation of the argument compid leads to sql injection. The attack may be initiated remotely. The exploit...
CVE-2025-4155
A vulnerability, which was classified as critical, was found in PHPGurukul Boat Booking System 1.0. This affects an unknown part of the file /admin/edit-boat.php. The manipulation of the argument bid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-4070
A vulnerability, which was classified as critical, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2025-3792
A vulnerability, which was classified as critical, has been found in SeaCMS up to 13.3. This issue affects some unknown processing of the file /adminlink.php?action=delall. The manipulation of the argument eid leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-3571 Fannuo Enterprise Content Management System 凡诺企业网站管理系统 cms_chip.php sql injection
A vulnerability was found in Fannuo Enterprise Content Management System 凡诺企业网站管理系统 1.1/4.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/cmschip.php. The manipulation of the argument del leads to sql injection. The attack can be initiated remotely...
CVE-2025-3339
A vulnerability classified as critical was found in codeprojects Online Restaurant Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/userupdate.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely...
CVE-2025-3370
A vulnerability classified as critical has been found in PHPGurukul Men Salon Management System 1.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. It is possible to initiate the attack remotely. The exploi...
CVE-2025-3369
A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /novel/friendLink/list. The manipulation of the argument sort leads to sql injection. The attack may be launched remotely. The exploit has been...