12 matches found
CVE-2026-30520
A Blind SQL Injection vulnerability exists in SourceCodester Loan Management System v1.0. The vulnerability is located in the ajax.php file specifically the saveloan action. The application fails to properly sanitize user input supplied to the "borrowerid" parameter in a POST request, allowing an...
CVE-2026-30520
A Blind SQL Injection vulnerability exists in SourceCodester Loan Management System v1.0. The vulnerability is located in the ajax.php file specifically the saveloan action. The application fails to properly sanitize user input supplied to the "borrowerid" parameter in a POST request, allowing an...
PT-2026-29324
A Blind SQL Injection vulnerability exists in SourceCodester Loan Management System v1.0. The vulnerability is located in the ajax.php file specifically the save loan action. The application fails to properly sanitize user input supplied to the "borrower id" parameter in a POST request, allowing ...
CVE-2026-30520
A Blind SQL Injection vulnerability exists in SourceCodester Loan Management System v1.0. The vulnerability is located in the ajax.php file specifically the saveloan action. The application fails to properly sanitize user input supplied to the "borrowerid" parameter in a POST request, allowing an...
CVE-2026-30520
CVE-2026-30520 describes a blind SQL injection in SourceCodester Loan Management System v1.0. The vulnerability is in the AJAX endpoint ajax.php, action save_loan, where user input from the POST parameter borrower_id is not properly sanitized. An authenticated attacker can inject SQL commands thr...
CVE-2025-9505
A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=saveloantype. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-9505
A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=saveloantype. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-9505
A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=saveloantype. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-9505 Campcodes Online Loan Management System ajax.php sql injection
A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=saveloantype. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-9505 Campcodes Online Loan Management System ajax.php sql injection
A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=saveloantype. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-9505
CVE-2025-9505 affects Campcodes Online Loan Management System 1.0. The issue is a SQL injection in the file /ajax.php?action=save_loan_type caused by improper handling of the ID parameter. It's a network-exposed vulnerability with the potential for remote exploitation, and an exploit has been pub...
PT-2025-34828
Name of the Vulnerable Software and Affected Versions: Campcodes Online Loan Management System version 1.0 Description: A flaw exists in Campcodes Online Loan Management System that allows for SQL injection. The issue is related to the manipulation of the ID argument within the...