3 matches found
CVE-2025-40675
CVE-2025-40675 is a reflected XSS vulnerability reported in Bagisto v2.0.0. The issue arises from the use of the URL parameter query in the /search endpoint, enabling an attacker to inject and execute arbitrary JavaScript in a victim’s browser. The impact described across sources includes potenti...
Food Ordering System SQL Injection Vulnerability
Food Ordering System is a food ordering application. Food Ordering System v1.0 contains a SQL injection vulnerability because the id parameter is not validated against externally supplied SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitiv...
Prison Management System SQL Injection Vulnerability (CNVD-2022-48402)
Prison Management System is a prison management system by the individual developer Carlo Montero. Prison Management System v1.0 is vulnerable to SQL injection in the application's /pms/admin/prisons/viewprison.php. The vulnerability is caused by the lack of SQL data filter escape ...