CVE-2026-36952

Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/managecurriculum.php...

PT-2026-32228

Name of the Vulnerable Software and Affected Versions Vehicle Showroom Management System version 1.0 Description A SQL injection issue exists due to the processing of the STAFF ID argument in the /util/StaffAddingFunction.php file. This manipulation can be initiated remotely. The exploit has been...

PT-2026-32363

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerale to SQL injection in the file/rsms/admin/repairs/view details.php...

PT-2026-32274

A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument cat leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

📄 EGroupware SQL Injection

EGroupware versions prior to 23.1.20260113 and greater than or equal to 26.0.20251208 but less than 26.0.20260113 are affected by a remote SQL injection vulnerability in the Nextmatch filter processing. CVE-2026-22243: EGroupware has SQL Injection in Nextmatch Filter Processing Overview | Field |...

PT-2026-32388

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via custom fields. This issue affects Pandora FMS: from 777 through 800...

CVE-2026-36941

CVE-2026-36941 affects Sourcecodester Online Resort Management System v1.0. Vulnerable component: /orms/admin/rooms/manage_room.php. Root cause: SQL Injection vulnerability in that file. Impact (per the entry): confidentiality impact is Low; no stated integrity or availability impact. Exploitatio...

CVE-2026-36942

CVE-2026-36942: Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/activities/manage_activity.php. The linked records confirm a SQL injection flaw affecting that PHP file; CVSS 3.1 base shows low severity (2.7) with network access, low impact on conf...

CVE-2026-36946

CVE-2026-36946 affects Sourcecodester Computer and Mobile Repair Shop Management System v1.0. The vulnerability is an SQL injection in the file /rsms/admin/inquiries/view_details.php. The CVSS v3.1 data in the sources indicates: Network attack vector, low confidentiality impact, no integrity/avai...

CVE-2026-36922

CVE-2026-36922 affects Sourcecodester Cab Management System v1.0; SQL injection in /cms/admin/categories/view_category.php. Root cause is vulnerable SQL handling in that file. CVSS 3.1 base score 2.7 (LOW) with Confidentiality impact: LOW; no impact to integrity or availability stated. Other conn...

CVE-2026-36874

Sourcecodester Basic Library System v1.0 is affected by a SQL Injection in /librarysystem/load_student.php. The CVSSv3.1 base score is 2.7 (LOW) with confidentiality impact LOW and no demonstrated exploit details in the provided documents. No remediation or patch information is included in the co...

📄 OpenSTAManager 2.9.8 SQL Injection

OpenSTAManager versions 2.9.8 and below suffer from a remote time-based SQL injection vulnerability in the Article Pricing module. CVE-2026-24416: OpenSTAManager has a Time-Based Blind SQL Injection in Article Pricing Module Overview | Field | Details | |---|---| | CVE ID | CVE-2026-24416 | |...

PT-2026-32402

A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...

PT-2026-32339

Sourcecodester Cab Management System 1.0 is vulnerable to SQL Injection in the file /cms/admin/bookings/view booking.php...

CVE-2026-36919

Sourcecodester Online Reviewer System v1.0 is vulnerale to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php...

CVE-2026-36920

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php...

PT-2026-32390

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/view details.php...

SourceCodester Computer and Mobile Repair Shop Management system 安全漏洞

The SourceCodester Computer and Mobile Repair Shop Management system is a simple PHP project open source by SourceCodester. It provides a website that displays information about the store. This project also manages customers’ repair records; if their devices have been repaired or serviced,...

PT-2026-32387

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...

PT-2026-32284

A security vulnerability has been detected in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/UpdateVehicleFunction.php. The manipulation of the argument VEHICLE ID leads to sql injection. The attack may be initiated remotely. The...