CVE-2018-25185

Wecodex Restaurant CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the username parameter. Attackers can send POST requests to the login endpoint with malicious SQL payloads using boolean-based blin...

CVE-2018-25185

CVE-2018-25185 affects Wecodex Restaurant CMS 1.0. An SQL injection via the username parameter in the login endpoint permits unauthenticated attackers to manipulate queries and extract data using boolean-based or time-based blind techniques. Public references describe the vulnerability and show a...

CVE-2018-25195 Wecodex Hotel CMS 1.0 SQL Injection via Admin Login

Wecodex Hotel CMS 1.0 contains an SQL injection vulnerability in the admin login functionality that allows unauthenticated attackers to bypass authentication by injecting SQL code. Attackers can submit malicious SQL payloads through the username parameter in POST requests to index.php with...

CVE-2018-25185 Wecodex Restaurant CMS 1.0 SQL Injection via Login

Wecodex Restaurant CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the username parameter. Attackers can send POST requests to the login endpoint with malicious SQL payloads using boolean-based blin...

CVE-2018-25195

CVE-2018-25195 describes an SQL injection vulnerability in Wecodex Hotel CMS 1.0, specifically in the admin login functionality. The issue allows unauthenticated attackers to bypass authentication by injecting SQL code via the username parameter in POST requests to index.php?action=processlogin, ...

CVE-2018-25183 Shipping System CMS 1.0 SQL Injection via admin login

Shipping System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit malicious SQL payloads using boolean-based blind techniques in POST requests to the admin login...

CVE-2018-25183

The data shows a concrete vulnerability in Shipping System CMS 1.0: an SQL injection that allows unauthenticated attackers to bypass login by injecting SQL via the username field in the admin login endpoint. Attack payloads are described as boolean-based blind techniques in POST requests to authe...

CVE-2018-25183 Shipping System CMS 1.0 SQL Injection via admin login

Shipping System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit malicious SQL payloads using boolean-based blind techniques in POST requests to the admin login...

Exploit for CVE-2024-36039

CVE-2024-36039: PyMySQL Object Injection to SQL Injection PoC...

CVE-2026-4850 code-projects Simple Laundry System Parameter checkregisitem.php sql injection

A security flaw has been discovered in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /checkregisitem.php of the component Parameter Handler. The manipulation of the argument Long-arm-shirtVol results in sql injection. The attack may be launched remotely. The...

CVE-2026-4850

A security flaw has been discovered in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /checkregisitem.php of the component Parameter Handler. The manipulation of the argument Long-arm-shirtVol results in sql injection. The attack may be launched remotely. The...

CVE-2026-4850 code-projects Simple Laundry System Parameter checkregisitem.php sql injection

A security flaw has been discovered in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /checkregisitem.php of the component Parameter Handler. The manipulation of the argument Long-arm-shirtVol results in sql injection. The attack may be launched remotely. The...

CVE-2026-4850

CVE-2026-4850 affects code-projects Simple Laundry System 1.0. Affected component: Parameter Handler, file /checkregisitem.php. Root cause: manipulation of the Long-arm-shirtVol argument enables SQL injection. Attack vector is remote; exploit publicly released. Multiple sources (NVD, CVE records,...

EUVD-2026-16110

A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file form/cart.php of the component Shopping Cart Module. Executing a manipulation of the argument del can lead to sql injection. The attack can be executed remotely. The exploit h...

CVE-2026-4842

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

CVE-2026-4844

A vulnerability was detected in code-projects Online Food Ordering System 1.0. This issue affects some unknown processing of the file /admin.php of the component Admin Login Module. The manipulation of the argument Username results in sql injection. The attack may be performed from remote. The...

CVE-2026-4844

A vulnerability was detected in code-projects Online Food Ordering System 1.0. This issue affects some unknown processing of the file /admin.php of the component Admin Login Module. The manipulation of the argument Username results in sql injection. The attack may be performed from remote. The...

CVE-2026-4844

CVE-2026-4844 affects code-projects Online Food Ordering System 1.0, specifically the Admin Login Module’s /admin.php. The issue is a SQL injection triggered by manipulating the Username parameter, exploitable remotely (network). Exploit appears public. No remediation details are provided in the ...

CVE-2026-4842

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

CVE-2026-4842 itsourcecode Online Enrollment System Parameter index.php sql injection

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...