216528 matches found
CVE-2026-5206
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argument Paymentid/Amount/customerid/paymenttype/customername leads to sql injection. Remote exploitation...
CVE-2026-5206 code-projects Simple Gym Management System Payment sql injection
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argument Paymentid/Amount/customerid/paymenttype/customername leads to sql injection. Remote exploitation...
CVE-2026-5206 code-projects Simple Gym Management System Payment sql injection
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argument Paymentid/Amount/customerid/paymenttype/customername leads to sql injection. Remote exploitation...
CVE-2026-5206
CVE-2026-5206 affects: code-projects Simple Gym Management System 1.0, specifically the unknown code in the Payment Handler . The issue is a SQL injection caused by manipulation of the arguments Payment_id, Amount, customer_id, payment_type, and customer_name. The vulnerability allows remote expl...
web-vuln-scanner
web-vuln-scanner A modular...
CVE-2026-34220
MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to versions 6.6.10 and 7.0.6, there is a SQL injection vulnerability when specially crafted objects are interpreted as raw SQL query fragments. This issue has been patched in versions 6.6....
CVE-2026-34220 MikroORM is vulnerable to SQL Injection via specially crafted object
MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to versions 6.6.10 and 7.0.6, there is a SQL injection vulnerability when specially crafted objects are interpreted as raw SQL query fragments. This issue has been patched in versions 6.6....
CVE-2026-34220
MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to versions 6.6.10 and 7.0.6, there is a SQL injection vulnerability when specially crafted objects are interpreted as raw SQL query fragments. This issue has been patched in versions 6.6....
EUVD-2026-17353
A vulnerability was found in code-projects Student Membership System 1.0. The affected element is an unknown function of the file /deleteuser.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used...
CVE-2026-5198 code-projects Student Membership System Admin Login index.php sql injection
A vulnerability was determined in code-projects Student Membership System 1.0. The impacted element is an unknown function of the file /admin/index.php of the component Admin Login. This manipulation of the argument username/password causes sql injection. Remote exploitation of the attack is...
CVE-2026-5198 code-projects Student Membership System Admin Login index.php sql injection
A vulnerability was determined in code-projects Student Membership System 1.0. The impacted element is an unknown function of the file /admin/index.php of the component Admin Login. This manipulation of the argument username/password causes sql injection. Remote exploitation of the attack is...
CVE-2026-5198
A vulnerability was determined in code-projects Student Membership System 1.0. The impacted element is an unknown function of the file /admin/index.php of the component Admin Login. This manipulation of the argument username/password causes sql injection. Remote exploitation of the attack is...
CVE-2026-5198
CVE-2026-5198 affects code-projects Student Membership System 1.0. The vulnerability lies in the Admin Login component, specifically an unknown function in /admin/index.php that manipulates the username/password parameters to cause SQL injection. Remote exploitation is possible, and the exploit h...
CVE-2026-5197
A vulnerability was found in code-projects Student Membership System 1.0. The affected element is an unknown function of the file /deleteuser.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used...
CVE-2026-4317
SQL inyection SQLi vulnerability in Umami Software web application through an improperly sanitized parameter, which could allow an authenticated attacker to execute arbitrary SQL commands in the database.Specifically, they could manipulate the value of the 'timezone' request parameter by includin...
CVE-2026-5197
The CVE-2026-5197 entry concerns code-projects Student Membership System 1.0. Affected component: an unknown function in /delete_user.php where manipulation of the ID parameter yields an SQL injection. The threat is remote and the exploit is public. No remediation details are provided in the docu...
CVE-2026-5197 code-projects Student Membership System delete_user.php sql injection
A vulnerability was found in code-projects Student Membership System 1.0. The affected element is an unknown function of the file /deleteuser.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used...
CVE-2026-5197 code-projects Student Membership System delete_user.php sql injection
A vulnerability was found in code-projects Student Membership System 1.0. The affected element is an unknown function of the file /deleteuser.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used...
CVE-2026-4317 SQL inyection in Umami Software application
SQL inyection SQLi vulnerability in Umami Software web application through an improperly sanitized parameter, which could allow an authenticated attacker to execute arbitrary SQL commands in the database.Specifically, they could manipulate the value of the 'timezone' request parameter by includin...
CVE-2026-5195
A flaw has been found in code-projects Student Membership System 1.0. This issue affects some unknown processing of the component User Registration Handler. Executing a manipulation can lead to sql injection. The attack can be launched remotely...