CVE-2021-27124

SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...

CVE-2025-4481

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely...

CVE-2025-1578

A vulnerability, which was classified as critical, was found in PHPGurukul/Campcodes Online Shopping Portal 2.1. This affects an unknown part of the file /search-result.php. The manipulation of the argument Product leads to sql injection. It is possible to initiate the attack remotely. The exploi...

PT-2023-25098 · Sourcecodester · Sourcecodester Shopping Website

Name of the Vulnerable Software and Affected Versions: SourceCodester Shopping Website version 1.0 Description: A critical issue was found in the SourceCodester Shopping Website, affecting an unknown function of the file search-result.php. The manipulation of the product argument leads to SQL...

The vulnerability of the Shops module in the NukeViet content management system allows a hacker to execute arbitrary SQL code.

The vulnerability of the Shops module in the NukeViet content management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code through the listid parameter in the detail.php script, ...

Entrepreneur Dating Script SQL Injection Vulnerability

Entrepreneur Dating Script is a set of online dating site scripts. A SQL injection vulnerability exists in Entrepreneur Dating Script version 2.0.1. A remote attacker can inject SQL commands into the searchresult.php file by sending the 'marital', 'gender', or 'profileid ' parameter to the...