CVE-2026-8083

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be...

CVE-2026-10809

The CVE concerns itsourcecode Fees Management System 1.0. The vulnerability resides in /manage_user.php where manipulation of the ID parameter enables SQL injection, exploitable remotely. Public exploits exist per the provided description. Connected records confirm the issue, but no fix/version r...

WordPress plugin APIExperts Square for WooCommerce SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

CVE-2026-5577 Song-Li cross_browser details Endpoint uniquemachine_app.py sql injection

A vulnerability has been found in Song-Li crossbrowser up to ca690f0fe6954fd9bcda36d071b68ed8682a786a. This affects an unknown part of the file flask/uniquemachineapp.py of the component details Endpoint. Such manipulation of the argument ID leads to sql injection. The attack can be executed...

Web Ofisi E-Ticaret SQL注入漏洞

Web Ofisi E-Ticaret is an e-commerce system developed by the Turkish company Web Ofisi. Version 5 of Web Ofisi E-Ticaret has a SQL injection vulnerability. This vulnerability stems from insufficient input validation for the q parameter in the ajax/productsFilterSearch endpoint, which may lead to...

Ivanti Endpoint Manager ROI SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the ROI class. The issue results from the lack of proper validation of a user-suppli...

CVE-2025-14527

A weakness has been identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /viewbook.php. Executing a manipulation of the argument bookid can lead to sql injection. The attack can be executed remotely. The exploit has been made...

EUVD-2006-2165

Malware in sbrugna...

EUVD-2020-23399

Malware in sbrugna...

EUVD-2019-3293

Malware in sbrugna...

EUVD-2019-17783

Malware in sbrugna...

EUVD-2007-0628

Malware in sbrugna...

EUVD-2008-4876

Malware in sbrugna...

EUVD-2024-43553

Malicious code in bioql PyPI...

CVE-2025-10835 SourceCodester Pet Grooming Management Software view_payorder.php sql injection

A security flaw has been discovered in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/viewpayorder.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been release...

CVE-2025-10825 Campcodes Online Beauty Parlor Management System view-appointment.php sql injection

A vulnerability was identified in Campcodes Online Beauty Parlor Management System 1.0. Affected is an unknown function of the file /admin/view-appointment.php. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The exploit is publicly available...

PT-2025-38747

Name of the Vulnerable Software and Affected Versions Campcodes Online Beauty Parlor Management System version 1.0 Description A security flaw exists in Campcodes Online Beauty Parlor Management System. The issue involves SQL injection due to the manipulation of the editid argument in the...

itsourcecode Sports Management System 安全漏洞

Sports Management System a sports management system. The Sports Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter code in the file /Admin/sporttype.php. An attacker can exploit this...

Exam Form Submission update_s5.php file SQL injection vulnerability

Exam Form Submission is an exam form. Exam Form Submission suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter credits in file /admin/updates5.php. An attacker can exploit this vulnerability to execute illegal SQL...

The ADOdb sqlite3 driver allows SQL injection

Improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database and calls the metaColumns, metaForeignKeys or metaIndexes methods with a crafted table name. Note that the indicated Severity corresponds to a...