CVE-2025-8983

The CVE-2025-8983 entry concerns itsourcecode Online Tour and Travel Management System 1.0. A SQL injection vulnerability exists in /admin/operations/expense.php via the expense_for parameter. Exploitation is possible remotely, and public exploits have been disclosed. Connected sources corroborat...

CVE-2025-8972

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-8972

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-8954

A vulnerability was identified in PHPGurukul Hospital Management System 4.0. This affects an unknown part of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

PT-2025-33130 · Projectworlds · Visitor Management System

Name of the Vulnerable Software and Affected Versions: projectworlds Visitor Management System version 1.0 Description: A vulnerability exists in projectworlds Visitor Management System 1.0, affecting the processing of the /query data.php file. Manipulation of the dateF/dateP argument results in ...

CVE-2025-8929

A vulnerability has been found in code-projects Medical Store Management System 1.0. This vulnerability affects unknown code of the file MainPanel.java. The manipulation of the argument searchTxt leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

PT-2025-32987 · Unknown · Lingdang Crm

Name of the Vulnerable Software and Affected Versions: Lingdang CRM versions through 8.6.5.4 Description: A SQL injection issue exists in the crm/WeiXinApp/yunzhijia/event.php file. Manipulation of the openid argument can lead to SQL injection, and the attack can be launched remotely. The exploit...

CVE-2025-8431

A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/add-boat.php. The manipulation of the argument boatname leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-8378

A vulnerability was found in Campcodes Online Hotel Reservation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attac...

CVE-2025-8336

A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=saveuser. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploi...

CVE-2025-8254

A vulnerability was found in Campcodes Courier Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /viewparcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-8135

A vulnerability, which was classified as critical, has been found in itsourcecode Insurance Management System 1.0. This issue affects some unknown processing of the file /updateAgent.php. The manipulation of the argument agentid leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-8220

A vulnerability has been found in Engeman Web up to 12.0.0.2. The affected element is an unknown function of the file /Login/RecoveryPass of the component Password Recovery Page. The manipulation of the argument LanguageCombobox as part of Cookie leads to sql injection. The attack is possible to ...

PT-2025-31031 · Unknown · Projectworlds Online Admission System

Name of the Vulnerable Software and Affected Versions: Projectworlds Online Admission System version 1.0 Description: A critical issue exists in Projectworlds Online Admission System. The vulnerability allows for remote SQL injection through manipulation of the markof argument within the /admin.p...

CVE-2025-8126

A vulnerability classified as critical has been found in deerwms deer-wms-2 up to 3.3. This affects an unknown part of the file /system/user/export. The manipulation of the argument paramsdataScope leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-8125

A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /system/role/authUser/allocatedList. The manipulation of the argument paramsdataScope leads to sql injection. The attack may be launched...

CVE-2025-7934

A vulnerability, which was classified as critical, has been found in fuyanglipengjun platform up to ca9aceff6902feb7b0b6bf510842aea88430796a. This issue affects the function queryPage of the file platform-schedule/src/main/java/com/platform/controller/ScheduleJobController.java. The manipulation ...

CVE-2025-7936

A vulnerability has been found in fuyanglipengjun platform up to ca9aceff6902feb7b0b6bf510842aea88430796a and classified as critical. Affected by this vulnerability is the function queryPage of the file com/platform/controller/ScheduleJobLogController.java. The manipulation of the argument...

CVE-2025-7886

A vulnerability, which was classified as critical, was found in pmTicket Project-Management-Software up to 2ef379da2075f4761a2c9029cf91d073474e7486. This affects the function getUserLanguage of the file classes/class.database.php. The manipulation of the argument userid leads to sql injection. It...

CVE-2025-7594

A vulnerability was found in code-projects Job Diary 1.0. It has been classified as critical. This affects an unknown part of the file /view-emp.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...