EUVD-2025-209441

Improper input handling in /Grocery/searchproductsitname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitemname POST parameter...

CVE-2026-4615

A vulnerability was identified in SourceCodester Online Catering Reservation 1.0. Impacted is an unknown function of the file /search.php. Such manipulation of the argument rcode leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used...

SourceCodester Online Catering Reservation SQL注入漏洞

SourceCodester Online Catering Reservation is an open-source online catering reservation system developed by SourceCodester. Version 1.0 of SourceCodester Online Catering Reservation has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameters in the...

CVE-2026-3170 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System patient-search.php cross site scripting

A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected is an unknown function of the file /patient-search.php. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be executed...

CVE-2026-26990

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below have a Time-Based Blind SQL Injection vulnerability in address-search.inc.php via the address parameter. When a crafted subnet prefix is supplied, the prefix value is concatenated directly int...

LibreNMS has a Time-Based Blind SQL Injection in address-search.inc.php

Summary A time-based blind SQL injection vulnerability exists in address-search.inc.php via the address parameter. When a crafted subnet prefix is supplied, the prefix value is concatenated directly into an SQL query without proper parameter binding, allowing an attacker to manipulate query logic...

CVE-2026-0546

A vulnerability was determined in code-projects Content Management System 1.0. This impacts an unknown function of the file search.php. This manipulation of the argument Value causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may ...

EUVD-2018-18402

Malware in sbrugna...

EUVD-2008-1919

Malware in sbrugna...

EUVD-2017-8774

Malware in sbrugna...

EUVD-2017-8778

Malware in sbrugna...

EUVD-2018-18607

Malware in sbrugna...

EUVD-2015-8629

Malware in sbrugna...

EUVD-2008-6644

Malware in sbrugna...

EUVD-2017-8769

Malware in sbrugna...

EUVD-2008-6643

Malware in sbrugna...

CVE-2025-10794

CVE-2025-10794 affects PHPGurukul Car Rental Project 3.0. The vulnerability is a cross-site scripting flaw in the /carrental/search.php file, caused by manipulation of the autofocus parameter. Exploitation can be performed remotely and exploits have been published. Multiple sources corroborate th...

CVE-2025-10104

The CVE-2025-10104 entry concerns code-projects Online Event Judging System 1.0. Affected is the /review_search.php component where the txtsearch parameter can be manipulated to perform SQL injection. The vulnerability enables remote exploitation, and multiple sources note that the exploit has be...

CVE-2023-41525

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patientcontact parameter in patientsearch.php...

CVE-2023-41530

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the appcontact parameter in appsearch.php...