216707 matches found
CVE-2026-5543 PHPGurukul User Registration & Login and User Management System yesterday-reg-users.php sql injection
A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3.3. The affected element is an unknown function of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible...
CVE-2026-5543
A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3.3. The affected element is an unknown function of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible...
CVE-2026-5543
CVE-2026-5543 affects PHPGurukul User Registration & Login and User Management System 3.3. The vulnerability is in /admin/yesterday-reg-users.php where manipulation of the ID parameter enables SQL injection. Remote exploitation is possible, and a public exploit exists. No product versions, patche...
CVE-2026-5537
A security vulnerability has been detected in halex CourseSEL up to 1.1.0. Affected by this vulnerability is the function checksel of the file Apps/Index/Controller/IndexController.class.php of the component HTTP GET Parameter Handler. The manipulation of the argument seid leads to sql injection...
CVE-2026-5540
The CVE-2026-5540 entry concerns code-projects Simple Laundry System 1.0. The vulnerability is located in an unknown portion of the file /modifymember.php within the Parameter Handler component. The issue arises from manipulation of the firstName argument, enabling SQL injection. The attack can b...
CVE-2026-5540 code-projects Simple Laundry System Parameter modifymember.php sql injection
A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit...
CVE-2026-5540 code-projects Simple Laundry System Parameter modifymember.php sql injection
A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit...
CVE-2026-5540
A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit...
CVE-2026-5534
A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...
CVE-2026-5537
A security vulnerability has been detected in halex CourseSEL up to 1.1.0. Affected by this vulnerability is the function checksel of the file Apps/Index/Controller/IndexController.class.php of the component HTTP GET Parameter Handler. The manipulation of the argument seid leads to sql injection...
CVE-2026-5537 halex CourseSEL HTTP GET Parameter IndexController.class.php check_sel sql injection
A security vulnerability has been detected in halex CourseSEL up to 1.1.0. Affected by this vulnerability is the function checksel of the file Apps/Index/Controller/IndexController.class.php of the component HTTP GET Parameter Handler. The manipulation of the argument seid leads to sql injection...
CVE-2026-5537
CVE-2026-5537 affects halex CourseSEL up to version 1.1.0. The vulnerability resides in the HTTP GET Parameter Handler, specifically the function check_sel in Apps/Index/Controller/IndexController.class.php, where manipulation of the seid argument leads to SQL injection. It can be triggered remot...
CVE-2026-5534 itsourcecode Online Enrollment System Parameter index.php sql injection
A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...
Ask Expert Script 跨站脚本漏洞
Ask Expert Script is an online Q&A system script for the PHP Scripts Mall community. Version 3.0.5 of the Ask Expert Script contains a cross-site scripting vulnerability. This vulnerability stems from cross-site scripting and SQL injection vulnerabilities, which may allow unverified attackers to...
KADOS SQL注入漏洞
KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability; this flaw allows attackers to manipulate database queries...
CodeAstro Online Classroom SQL注入漏洞
CodeAstro Online Classroom is an online classroom platform provided by CodeAstro Inc. Version 1.0 of CodeAstro Online Classroom has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “videotitle” in the file /OnlineClassroom/addvideos.php, which may...
PT-2026-30405
A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...
KADOS SQL注入漏洞
KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability, which stems from the injection of SQL code through the idproject parameter. This vulnerability may lead to SQL injection attacks...
PT-2026-30483
CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send GET requests to post.php with malicious 'post' values to extract sensitive database information or perfor...
PT-2026-30484
Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inject script tags through the cateid parameter in categorysearch.php or SQL code through the view...