216250 matches found
CVE-2026-7117 code-projects Employee Management System approve.php sql injection
A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token can lead to sql injection. The attack can be executed remotely. The exploit has been made available...
CVE-2026-7117 code-projects Employee Management System approve.php sql injection
A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token can lead to sql injection. The attack can be executed remotely. The exploit has been made available...
CVE-2026-7117
The CVE describes a SQL injection vulnerability in code-projects Employee Management System 1.0, specifically in the file 370project/approve.php. The weakness arises from manipulating the argument id/token, enabling remote exploitation. Public exploitation exists according to the entry. The conne...
CVE-2026-7117
A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token can lead to sql injection. The attack can be executed remotely. The exploit has been made available...
EUVD-2026-25821
A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might ...
CVE-2026-7115
A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might ...
CVE-2026-7115
CVE-2026-7115 affects code-projects Employee Management System 1.0, with a vulnerability in the file 370project/delete.php. The issue arises from manipulating the argument ID, allowing SQL injection. Attacks may be launched remotely, and the exploit is publicly available. Current documents do not...
CVE-2026-7115 code-projects Employee Management System delete.php sql injection
A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might ...
CVE-2026-22336
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Directorist Booking allows SQL Injection.This issue affects Directorist Booking: from n/a before 3.0.2...
CVE-2026-22336 WordPress Directorist Booking plugin < 3.0.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Directorist Booking allows SQL Injection.This issue affects Directorist Booking: from n/a before 3.0.2...
CVE-2026-22336
CVE-2026-22336 affects the WordPress plugin Directorist Booking. It exposes an unauthenticated SQL Injection in versions up to 2.4.1, arising from improper neutralization of input used in SQL commands. Impact per sources is high: potential data disclosure or manipulation with no user interaction ...
CVE-2026-7114
A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilize...
CVE-2026-7114 code-projects Employee Management System edit.php sql injection
A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilize...
Sentinal-ai
Sentinal-ai Free, offline...
CVE-2026-7087
A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=savesales. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2026-7088
SourceCodester Pharmacy Sales and Inventory System 1.0 contains a SQL injection in /ajax.php?action=save_receiving triggered by manipulating the ID parameter. The flaw is exploitable remotely and the exploit is publicly available. No remediation details are provided in the documents.
CVE-2026-7088 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...
EUVD-2026-25772
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...
CVE-2026-7088 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...
CVE-2026-7088
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...