CVE-2026-3752

CVE-2026-3752 affects SourceCodester’s Employee Task Management System v1.0, specifically the GET Parameter Handler in /daily-task-report.php where manipulating the Date argument triggers an SQL injection. The flaw can be exploited remotely and has been demonstrated publicly. Multiple sources (NV...

CVE-2026-3751

A vulnerability was detected in SourceCodester Employee Task Management System 1.0. Impacted is an unknown function of the file /daily-attendance-report.php of the component GET Parameter Handler. The manipulation of the argument Date results in sql injection. The attack may be performed from...

CVE-2026-3740

A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /adminsearchstudent.php. This manipulation of the argument adminsearchstudent causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-3740

A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /adminsearchstudent.php. This manipulation of the argument adminsearchstudent causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-3740 itsourcecode University Management System admin_search_student.php sql injection

A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /adminsearchstudent.php. This manipulation of the argument adminsearchstudent causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-3740

A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /adminsearchstudent.php. This manipulation of the argument adminsearchstudent causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-3736

CVE-2026-3736 affects the Simple Flight Ticket Booking System 1.0, specifically the SearchResultRoundtrip.php file. The vulnerability arises from manipulating the input in the results parameter, enabling SQL injection. The issue can be exploited remotely, and the exploit has been publicly release...

CVE-2026-3736

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

CVE-2026-3711

Code-projects Simple Flight Ticket Booking System 1.0 contains a SQL injection vulnerability in an unknown function of /Adminupdate.php. The issue arises from manipulating parameters flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp. Remote exploitation is possible and the exploit is ...

CVE-2026-3705

CVE-2026-3705 affects code-projects Simple Flight Ticket Booking System 1.0. The vulnerability is an SQL injection in the /Adminsearch.php handling for the flightno parameter, with remote exploitation possible and a public exploit. Multiple connected sources (NVD, Red Hat, EUVD, CVE lists, and PT...

PT-2026-23968

Name of the Vulnerable Software and Affected Versions projectworlds Online Art Gallery Shop version 1.0 Description A security flaw exists in projectworlds Online Art Gallery Shop. This issue involves a SQL injection impacting an unknown functionality accessible through the file '/?pass=1'. The f...

CVE-2026-3672 JeecgBoot getDictItems isExistSqlInjectKeyword sql injection

A vulnerability has been found in JeecgBoot up to 3.9.1. Affected is the function isExistSqlInjectKeyword of the file /jeecg-boot/sys/api/getDictItems. Such manipulation leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used...

CVE-2026-3616

A vulnerability was detected in DefaultFuction Jeson Customer Relationship Management System 1.0.0. Impacted is an unknown function of the file /modules/customers/edit.php. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is...

CVE-2025-66944

SQL Injection vulnerability in vran-dev databaseir v.1.0.7 and before allows a remote attacker to execute arbitrary code via the query parameter in the search API endpoint...

CVE-2026-3487

A vulnerability was found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/class-result.php. Performing a manipulation of the argument coursecode results in sql injection. The attack can be initiated remotely. The exploit has been made...

CVE-2026-3487

The CVE-2026-3487 entry concerns itsourcecode College Management System 1.0. A SQL injection flaw affects the handling of /admin/class-result.php, where manipulating the course_code argument enables remote, unauthenticated exploitation. The vulnerability is publicly exploited or publicly disclose...

CVE-2026-3486

A vulnerability has been found in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /admin/student-fee.php. Such manipulation of the argument rollno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed t...

CVE-2026-3411

A security vulnerability has been detected in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /adminsinglestudentupdate.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. T...

CVE-2026-3413

A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /adminsinglestudent.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may...

CVE-2026-3413

A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /adminsinglestudent.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may...