216335 matches found
CVE-2026-6193
PHPGurukul Daily Expense Tracking System 1.1 has an SQL injection in an unknown function of /register.php triggered by manipulating the email parameter. The issue can be exploited remotely, and public exploits exist. The CVSS data indicates Network attack vector, low attack complexity, no privile...
CVE-2026-6193 PHPGurukul Daily Expense Tracking System register.php sql injection
A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may...
CVE-2026-6193 PHPGurukul Daily Expense Tracking System register.php sql injection
A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may...
CVE-2026-6191 itsourcecode Construction Management System equipments.php sql injection
A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...
CVE-2026-6191
A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...
CVE-2026-6187
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chkprodavailability. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit i...
CVE-2026-36938
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/rooms/viewroom.php...
CVE-2026-36937
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/viewdetails.php...
CVE-2026-30813
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-6190
A vulnerability was found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /employees.php. Performing a manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit has been made public and...
CVE-2026-6190 itsourcecode Construction Management System employees.php sql injection
A vulnerability was found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /employees.php. Performing a manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit has been made public and...
CVE-2026-6190 itsourcecode Construction Management System employees.php sql injection
A vulnerability was found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /employees.php. Performing a manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit has been made public and...
CVE-2026-6190
CVE-2026-6190 affects itsourcecode Construction Management System 1.0. The vulnerable element is an unknown function in the file /employees.php where manipulating the argument Name triggers a SQL injection. This can be exploited remotely and the exploit has been made public. Evidence and details ...
CVE-2026-6189
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2026-6189
CVE-2026-6189 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability resides in an unknown function in /ajax.php?action=login, where manipulating the Username argument enables a SQL injection. Attack is remote, with public exploits disclosed. Additional details (affecte...
CVE-2026-6189 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2026-34186
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via custom fields. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30813 SQL Injection in Module Search leads to Database Compromise
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30813 SQL Injection in Module Search leads to Database Compromise
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30813
CVE-2026-30813 describes an SQL Injection vulnerability in Pandora FMS versions 777 through 800, caused by improper neutralization of special elements in SQL commands used during the module search. The affected component is the module search functionality; root cause is inadequate input handling ...