20 matches found
CVE-2024-44663
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php...
CVE-2024-44663
PHPGurukul Online Shopping Portal 2.0 is affected by a SQL Injection vulnerability in the search-result.php file, exploitable via the product parameter. The root cause is lack of input validation for externally supplied SQL in the product parameter, as reported across multiple sources (CNVD/CNNVD...
EUVD-2023-44161
Malicious code in bioql PyPI...
SourceCodester Apartment Visitor Management System injection vulnerability
SourceCodester Apartment Visitor Management System is a SourceCodester open source apartment visitor management system. SourceCodester Apartment Visitor Management System version 1.0 has an injection vulnerability, the vulnerability stems from the parameter searchdata operation in the file...
CVE-2025-3242
CVE-2025-3242 affects PHPGurukul e-Diary Management System 1.0, with a vulnerability in the file /search-result.php where manipulating the searchdata parameter enables SQL injection. The issue is exploitable remotely and has been publicly disclosed. Multiple connected sources reiterate that the a...
CVE-2025-1894
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely...
CVE-2025-1894 PHPGurukul Restaurant Table Booking System search-result.php sql injection
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely...
CVE-2025-1578 PHPGurukul/Campcodes Online Shopping Portal search-result.php sql injection
A vulnerability, which was classified as critical, was found in PHPGurukul/Campcodes Online Shopping Portal 2.1. This affects an unknown part of the file /search-result.php. The manipulation of the argument Product leads to sql injection. It is possible to initiate the attack remotely. The exploi...
CVE-2023-41580
Phpipam before v1.5.2 was discovered to contain an LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request...
CVE-2023-41580
Phpipam before v1.5.2 was discovered to contain an LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request...
CVE-2023-3855
A vulnerability classified as problematic was found in phpscriptpoint JobSeeker 1.5. Affected by this vulnerability is an unknown functionality of the file /search-result.php. The manipulation of the argument kw/lc/ct/cp/p leads to cross site scripting. The attack can be launched remotely. The...
CVE-2023-3855 phpscriptpoint JobSeeker search-result.php cross site scripting
A vulnerability classified as problematic was found in phpscriptpoint JobSeeker 1.5. Affected by this vulnerability is an unknown functionality of the file /search-result.php. The manipulation of the argument kw/lc/ct/cp/p leads to cross site scripting. The attack can be launched remotely. The...
CVE-2022-29004
Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php...
CVE-2022-29004
Diary Management System v1.0 is affected by a Cross-Site Scripting (XSS) vulnerability exploitable via the Name parameter in search-result.php. The Nuclei template (CVE-2022-29004) confirms the issue and describes impact as injection of malicious scripts leading to user-facing script execution, s...
Doctor Appointment System 1.0 Blind SQL Injection
Exploit Title: Doctor Appointment System 1.0 Blind SQL injection in email parameter Date: 03-03-2021 CVE: CVE-2021-27319 Exploit Author: Nakul Ratti Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html Software Link:...
koolfeedback.com XSS vulnerability
Vulnerable URL: http://koolfeedback.com/beta/search-result.php?keywords=Banking+Finance+Legal=Home+Loans=%27%22/%3E%3Cscript%3Ealert/OPENBUGBOUNTY/;%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 19.01.2018 Vulnerability type:| XSS Vulnerability status:|...
purebus.com XSS vulnerability
Vulnerable URL: http://www.purebus.com/bus-search-result.php?depart=19/08/2015=%27%22/%3E%3Cscript%3Ealert/OPENBUGBOUNTY/;%3C/script%3Etype==117=242 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 19.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly...
MyClassifiedScript 5.1 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Classified Portal Software 5.1 - SQL Injection Google Dork: N/A Date: 11.04.2017 Vendor Homepage: http://www.myclassifiedscript.com/ Software: http://www.myclassifiedscript.com/demo.html Demo: http://www.clpage.com/ Version: 5.1...
MyClassifiedScript 5.1 - SQL Injection
MyClassifiedScript 5.1 - SQL Injection Exploit Title: Classified Portal Software 5.1 - SQL Injection Google Dork: N/A Date: 11.04.2017 Vendor Homepage: http://www.myclassifiedscript.com/ Software: http://www.myclassifiedscript.com/demo.html Demo: http://www.clpage.com/ Version: 5.1 Tested on: Win...
tampahumidor.com XSS vulnerability
Vulnerable URL: http://www.tampahumidor.com/search-result.php?srch="= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2135010 Google Pagerank| 2 VIP website status:| No Check...