14 matches found
CVE-2021-27124
SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...
PT-2026-26001
A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /add result.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2026-3487
The CVE-2026-3487 entry concerns itsourcecode College Management System 1.0. A SQL injection flaw affects the handling of /admin/class-result.php, where manipulating the course_code argument enables remote, unauthenticated exploitation. The vulnerability is publicly exploited or publicly disclose...
CVE-2025-12257 SourceCodester Online Student Result System view_result.php sql injection
A security vulnerability has been detected in SourceCodester Online Student Result System 1.0. This issue affects some unknown processing of the file /viewresult.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has bee...
CVE-2025-12257 SourceCodester Online Student Result System view_result.php sql injection
A security vulnerability has been detected in SourceCodester Online Student Result System 1.0. This issue affects some unknown processing of the file /viewresult.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has bee...
EUVD-2012-6592
Malware in sbrugna...
CVE-2012-10041 WAN Emulator v2.3 Command Execution
WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php script calls shellexec with unsanitized input from the pc POST parameter, allowing remote attackers to execute arbitrary commands as the www-data user. The system also includes a SUID-root binary name...
PT-2025-32394 · Unknown · Wan Emulator
Name of the Vulnerable Software and Affected Versions: WAN Emulator version 2.3 Description: WAN Emulator version 2.3 contains two unauthenticated command execution vulnerabilities. The result.php script calls the shell exec function with unsanitized input from the pc POST parameter, allowing...
CVE-2025-4481
A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely...
CVE-2025-1578
A vulnerability, which was classified as critical, was found in PHPGurukul/Campcodes Online Shopping Portal 2.1. This affects an unknown part of the file /search-result.php. The manipulation of the argument Product leads to sql injection. It is possible to initiate the attack remotely. The exploi...
PT-2023-32609 · Unknown +1 · Mosesdecoder +1
Name of the Vulnerable Software and Affected Versions: moses-smt mosesdecoder versions up to 4.0 Description: A critical issue was found in the mosesdecoder, affecting an unknown part of the file contrib/iSenWeb/trans result.php. The manipulation of the input1 argument leads to os command...
PT-2023-25098 · Sourcecodester · Sourcecodester Shopping Website
Name of the Vulnerable Software and Affected Versions: SourceCodester Shopping Website version 1.0 Description: A critical issue was found in the SourceCodester Shopping Website, affecting an unknown function of the file search-result.php. The manipulation of the product argument leads to SQL...
Entrepreneur Dating Script SQL Injection Vulnerability
Entrepreneur Dating Script is a set of online dating site scripts. A SQL injection vulnerability exists in Entrepreneur Dating Script version 2.0.1. A remote attacker can inject SQL commands into the searchresult.php file by sending the 'marital', 'gender', or 'profileid ' parameter to the...
PT-2023-2058
Name of the Vulnerable Software and Affected Versions phpipam versions prior to 1.5.2 Description The issue is related to a lack of protection against SQL query structure manipulation in the app/admin/custom-fields/edit-result.php script of the phpipam web application for IP address management...