Linux Distros Unpatched Vulnerability : CVE-2023-30944

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote...

CVE-2025-9829

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /signup.php. The manipulation of the argument mobilenumber leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly...

Linux Distros Unpatched Vulnerability : CVE-2014-8089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote...

CVE-2025-9832

A security vulnerability has been detected in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the file /routers/register-router.php. Such manipulation of the argument phone leads to sql injection. The attack may be performed from remote. The exploit has been...

CVE-2025-9691

A vulnerability has been found in Campcodes Online Shopping System 1.0. This impacts an unknown function of the file /login.php. Such manipulation of the argument Password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-9771

The CVE-2025-9771 entry concerns SourceCodester Eye Clinic Management System 1.0. The vulnerability is an SQL injection in an unknown functionality of the file /main/search_index_Diagnosis.php, triggered by manipulating the Search argument. It can be exploited remotely, and public disclosures of ...

CVE-2025-54946

A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands...

PT-2025-35501

Name of the Vulnerable Software and Affected Versions: SourceCodester/Campcodes School Log Management System version 1.0 Description: A SQL injection issue exists in an unknown functionality of the file /admin/admin class.php. Manipulation of the id no argument can lead to SQL injection and can b...

CVE-2025-9743 code-projects Human Resource Integrated System login_attendance2.php sql injection

A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file loginattendance2.php. Performing manipulation of the argument employeeid/date results in sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-9742

A vulnerability was identified in code-projects Human Resource Integrated System 1.0. This issue affects some unknown processing of the file /login.php. Such manipulation of the argument user/pass leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

CVE-2025-9726

A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /review.php. The manipulation of the argument pid results in sql injection. The attack may be launched remotely. The exploit has been released to the...

PT-2025-35359

Name of the Vulnerable Software and Affected Versions: SourceCodester Advanced School Management System version 1.0 Description: A SQL injection issue exists in SourceCodester Advanced School Management System 1.0. The vulnerability is located in an unknown function within the /index.php/stock/it...

CVE-2025-9664

A security flaw has been discovered in code-projects Simple Grading System 1.0. Affected is an unknown function of the file /addstudentgrade.php of the component Admin Panel. The manipulation of the argument Add results in sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2025-9660

A vulnerability was found in SourceCodester Bakeshop Online Ordering System 1.0. The impacted element is an unknown function of the file /passwordrecover.php. Performing manipulation of the argument phonenumber results in sql injection. The attack is possible to be carried out remotely. The explo...

CVE-2025-9644

A vulnerability was determined in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /setting/billsetup.php. Executing manipulation of the argument txtBillType can lead to sql injection. It is possible to launch the attack remotely. The...

CVE-2025-9643

A vulnerability was found in itsourcecode Apartment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /setting/utilitybillsetup.php. Performing manipulation of the argument txtGasBill results in sql injection. It is possible to initiate the attack...

CVE-2025-9600 itsourcecode Apartment Management System member_type_setup.php sql injection

A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /setting/membertypesetup.php. The manipulation of the argument txtMemberType leads to sql injection. The attack may be initiated remotely. T...

CVE-2025-9593

A flaw has been found in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/unitstatusinfo.php. Executing manipulation of the argument usid can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used...

PT-2025-34872 · Portabilis · Portabilis I-Educar

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.10 Description: A flaw has been found in Portabilis i-Educar that allows for SQL injection. Manipulation of the ID argument in the /RegraAvaliacao/view file can lead to exploitation. The attack can be...

CVE-2025-9473

A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. This impacts an unknown function of the file /feedback.php. The manipulation of the argument msg leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly an...