EUVD-2025-23269

Malicious code in bioql PyPI...

EUVD-2025-6627

Malicious code in bioql PyPI...

EUVD-2025-4415

Malicious code in bioql PyPI...

Exploit for SQL Injection in Carmelo Food_Ordering_Review_System

CVE-2025-8018 Exploit – Food Ordering Review System v1.0 This...

CVE-2025-7410

Summary: CVE-2025-7410 affects LifeStyle Store 1.0 from Code-Projects. The issue is a vulnerability in the /cart_remove.php file where manipulating the ID argument enables SQL injection. The vulnerability is remote and the exploit has been disclosed publicly. Affected component: LifeStyle Store 1...

Exploit for SQL Injection in Anisha Car_Rental_System

CVE‑2025‑6907 SQLi Exploit Tool File: exploit.c Aut...

CVE-2025-6157

A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registered-user-testing.php. The manipulation of the argument testtype leads to sql injection. The attack may be...

PT-2025-25682 · Mojoomla · Mojoomla School Management

Name of the Vulnerable Software and Affected Versions: mojoomla School Management versions n/a through 92.0.0 Description: The issue is related to an SQL Injection vulnerability, specifically Improper Neutralization of Special Elements used in an SQL Command. This allows for Blind SQL Injection,...

CVE-2025-5677

A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/ajax.php?action=saveapplication. The manipulation of the argument positionid leads to sql injection. The attack may be...

CVE-2024-8570

A vulnerability was found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /inccatadd.php. The manipulation of the argument title leads to sql injection. The attack may be launched remotely. The exploit ha...

CVE-2023-2297

The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 3.9.0. This is due to the plugin using native password reset functionality, with insufficient validation on the password reset function...

CVE-2025-4734 Campcodes Sales and Inventory System ci_update.php sql injection

A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/ciupdate.php. The manipulation of the argument id/name leads to sql injection. It is possible to launch the attack remotely. The exploit has...

Exploit for SQL Injection in Valvepress Automatic

WP Automatic Plugin SQL Injection Exploit CVE-2024-27956 !...

CVE-2025-3971

A vulnerability classified as critical was found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-phlebotomist.php. The manipulation of the argument empid leads to sql injection. The attack can be launched remotely. T...

CVE-2025-32968 org.xwiki.platform:xwiki-platform-oldcore allows SQL injection in short form select requests through the script query API

XWiki is a generic wiki platform. In versions starting from 1.6-milestone-1 to before 15.10.16, 16.4.6, and 16.10.1, it is possible for a user with SCRIPT right to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the database backend...

Xinet Elegant 6 Asset Lib Web UI 6.1.655 - SQL Injection

Exploit Title: Xinet Elegant 6 Asset Lib Web UI 6.1.655 - SQL Injection Exploit author: hyp3rlinx import requests,time,re,sys,argparse NAPC Xinet Elegant 6 Asset Library v6.1.655 Pre-Auth SQL Injection 0day Exploit By hyp3rlinx ApparitionSec UPDATED: Jan 2024 for python3 TODO: add SSL support...

CVE-2025-3229 PHPGurukul Restaurant Table Booking System edit-subadmin.php sql injection

A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /edit-subadmin.php. The manipulation of the argument fullname leads to sql injection. The attack can be initiated remotely. The exploi...

Jasmin Ransomware - SQL Injection Login Bypass

Exploit Title: Jasmin Ransomware SQL Injection Login Bypass Google Dork: N/A Date: 05-03-2025 Exploit Author: Buğra Enis Dönmez Vendor Homepage: https://github.com/codesiddhant/Jasmin-Ransomware Software Link: https://github.com/codesiddhant/Jasmin-Ransomware Version: N/A Tested on: Windows How t...

Exploit for CVE-2025-1094

CVE-2025-1094: SQL Injection to RCE via WebSocket 🚀 This repo...

Exploit for SQL Injection in Microsoft

CVE-2024-43468 SCCM SQL Injection Exploit mTLS client certs f...