87 matches found
PT-2025-51869
Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 6.5.3 Description ChurchCRM is an open-source church management system. A SQL injection issue exists in the src/UserEditor.php file. When an administrator saves a user’s configuration settings, the keys of the type...
CVE-2025-14622
A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/saveuser.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released...
EUVD-2025-203268
A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/saveuser.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released...
CVE-2025-14622
A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/saveuser.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released...
CVE-2025-14622 code-projects Student File Management System save_user.php sql injection
A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/saveuser.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released...
CVE-2025-14622
Code-projects Student File Management System 1.0 has a SQL injection vulnerability in /admin/save_user.php via the firstname parameter. The issue allows remote exploitation, and public exploits have been released. Multiple connected sources confirm the vulnerability but do not provide a confirmed...
Code-Projects Student File Management System SQL注入漏洞
Student File Management System is a student file management system. The Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter firstname in the file /admin/saveuser.php. An...
CVE-2025-13347
A flaw has been found in SourceCodester Train Station Ticketing System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=saveuser. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been published...
CVE-2025-13347
A flaw has been found in SourceCodester Train Station Ticketing System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=saveuser. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been published...
CVE-2025-13347
The CVE-2025-13347 affects SourceCodester Train Station Ticketing System 1.0. The vulnerability resides in the /ajax.php?action=save_user path where manipulating the Username parameter can trigger a SQL injection. Attacks can be launched remotely and exploits have been published, with multiple so...
PT-2025-47307
Name of the Vulnerable Software and Affected Versions SourceCodester Train Station Ticketing System version 1.0 Description A flaw exists in SourceCodester Train Station Ticketing System. The issue affects unknown code within the /ajax.php?action=save user file. Manipulation of the Username...
CVE-2025-13286
A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=saveuser. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2025-13286
A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=saveuser. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2025-13286 itsourcecode Online Voting System ajax.php sql injection
A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=saveuser. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2025-13286 itsourcecode Online Voting System ajax.php sql injection
A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=saveuser. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2025-13286
CVE-2025-13286 affects itsourcecode Online Voting System 1.0. The vulnerability is an SQL injection in the parameter ID of the file "/ajax.php?action=save_user" caused by inadequate input validation. Remote exploitation is possible and exploit code has been publicly released. Connected sources id...
CVE-2025-12929
A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function saveuser/updateuser of the file /LoginRegistration.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been publish...
CVE-2025-12929 SourceCodester Survey Application System LoginRegistration.php update_user sql injection
A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function saveuser/updateuser of the file /LoginRegistration.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been publish...
CVE-2025-12929
SourceCodester Survey Application System 1.0 contains a SQL injection flaw in the save_user/update_user function of /LoginRegistration.php. Manipulating the fullname argument can enable remote exploitation; other parameters may also be affected. Exploitation has been published. Remediation guidan...
EUVD-2025-29355
Malicious code in bioql PyPI...