Lucene search
+L

87 matches found

Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.14 views

PT-2025-51869

Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 6.5.3 Description ChurchCRM is an open-source church management system. A SQL injection issue exists in the src/UserEditor.php file. When an administrator saves a user’s configuration settings, the keys of the type...

7.2CVSS7.8AI score0.00359EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/12/14 6:0 p.m.9 views

CVE-2025-14622

A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/saveuser.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released...

9.8CVSS7.2AI score0.00363EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/13 6:30 p.m.4 views

EUVD-2025-203268

A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/saveuser.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released...

7.5CVSS6.7AI score0.00363EPSS
Exploits1References7
NVD
NVD
added 2025/12/13 6:15 p.m.5 views

CVE-2025-14622

A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/saveuser.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released...

9.8CVSS0.00363EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/12/13 5:32 p.m.2 views

CVE-2025-14622 code-projects Student File Management System save_user.php sql injection

A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/saveuser.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released...

7.5CVSS6.9AI score0.00363EPSS
Exploits1References6
CVE
CVE
added 2025/12/13 5:32 p.m.22 views

CVE-2025-14622

Code-projects Student File Management System 1.0 has a SQL injection vulnerability in /admin/save_user.php via the firstname parameter. The issue allows remote exploitation, and public exploits have been released. Multiple connected sources confirm the vulnerability but do not provide a confirmed...

9.8CVSS6.9AI score0.00363EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.4 views

Code-Projects Student File Management System SQL注入漏洞

Student File Management System is a student file management system. The Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter firstname in the file /admin/saveuser.php. An...

9.8CVSS7.9AI score0.00363EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/11/19 1:22 p.m.6 views

CVE-2025-13347

A flaw has been found in SourceCodester Train Station Ticketing System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=saveuser. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been published...

8.8CVSS6.5AI score0.00299EPSS
Exploits1References1
OSV
OSV
added 2025/11/18 3:16 p.m.5 views

CVE-2025-13347

A flaw has been found in SourceCodester Train Station Ticketing System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=saveuser. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been published...

8.8CVSS5.8AI score0.00299EPSS
Exploits1References5
CVE
CVE
added 2025/11/18 1:2 p.m.13 views

CVE-2025-13347

The CVE-2025-13347 affects SourceCodester Train Station Ticketing System 1.0. The vulnerability resides in the /ajax.php?action=save_user path where manipulating the Username parameter can trigger a SQL injection. Attacks can be launched remotely and exploits have been published, with multiple so...

8.8CVSS6.4AI score0.00299EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.8 views

PT-2025-47307

Name of the Vulnerable Software and Affected Versions SourceCodester Train Station Ticketing System version 1.0 Description A flaw exists in SourceCodester Train Station Ticketing System. The issue affects unknown code within the /ajax.php?action=save user file. Manipulation of the Username...

6.5CVSS7.3AI score0.00299EPSS
Exploits1References7
OSV
OSV
added 2025/11/17 2:15 p.m.3 views

CVE-2025-13286

A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=saveuser. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

8.8CVSS5.7AI score0.00301EPSS
Exploits1References5
NVD
NVD
added 2025/11/17 2:15 p.m.5 views

CVE-2025-13286

A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=saveuser. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

8.8CVSS0.00301EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/11/17 2:2 p.m.13 views

CVE-2025-13286 itsourcecode Online Voting System ajax.php sql injection

A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=saveuser. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

6.5CVSS0.00301EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/17 2:2 p.m.4 views

CVE-2025-13286 itsourcecode Online Voting System ajax.php sql injection

A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=saveuser. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

6.5CVSS6.3AI score0.00301EPSS
Exploits1References5
CVE
CVE
added 2025/11/17 2:2 p.m.14 views

CVE-2025-13286

CVE-2025-13286 affects itsourcecode Online Voting System 1.0. The vulnerability is an SQL injection in the parameter ID of the file "/ajax.php?action=save_user" caused by inadequate input validation. Remote exploitation is possible and exploit code has been publicly released. Connected sources id...

8.8CVSS6.4AI score0.00301EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/11/10 4:15 a.m.3 views

CVE-2025-12929

A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function saveuser/updateuser of the file /LoginRegistration.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been publish...

9.8CVSS5.8AI score
Exploits0References5
Cvelist
Cvelist
added 2025/11/10 3:32 a.m.17 views

CVE-2025-12929 SourceCodester Survey Application System LoginRegistration.php update_user sql injection

A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function saveuser/updateuser of the file /LoginRegistration.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been publish...

7.5CVSS0.00431EPSS
Exploits1References5
CVE
CVE
added 2025/11/10 3:32 a.m.15 views

CVE-2025-12929

SourceCodester Survey Application System 1.0 contains a SQL injection flaw in the save_user/update_user function of /LoginRegistration.php. Manipulating the fullname argument can enable remote exploitation; other parameters may also be affected. Exploitation has been published. Remediation guidan...

9.8CVSS6.5AI score0.00431EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29355

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00385EPSS
Exploits1References6
Rows per page
Query Builder