PT-2026-47443

A flaw has been found in CodeAstro Student Attendance Management System 1.0. The impacted element is an unknown function of the file /attendance-php/index.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has bee...

PT-2026-47444

A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function of the file /attendance-php/Admin/createClass.php. The manipulation of the argument className leads to sql injection. It is possible to initiate the attack remotely. The exploit...

PT-2026-47445

A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit...

PT-2026-47613

AppleScript/JXA Code Injection via Unescaped URL in macOS Chrome Plugin | Field | Value | | ---------------- | ----- | | Repository | julien040/anyquery | | Affected version | 0.4.4 commit 0abd460 | | Vulnerability | CWE-94 — Improper Control of Generation of Code | | Severity | High | Summary Th...

PT-2026-47707

CVE-2024-56120 - Cisco Unified Communications Manager SQL Injection CVE ID :CVE-2024-56120 Published : June 8, 2026, 10:16 a.m. | 44 minutes ago Description :Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more...

SourceCodester Class and Exam Timetabling System 注入漏洞

SourceCodester Class and Exam Timetabling System is an open-source classroom and exam scheduling system developed by SourceCodester. Version 1.0 of the SourceCodester Class and Exam Timetabling System has a SQL injection vulnerability, which arises from incorrect handling of the parameter "sy" in...

PT-2026-47281

A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

PT-2026-47273

A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/add leave.php. Performing a manipulation of the argument type of leave results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

SourceCodester Class and Exam Timetabling System 注入漏洞

SourceCodester Class and Exam Timetabling System is an open-source classroom and exam scheduling system developed by SourceCodester. Version 1.0 of the SourceCodester Class and Exam Timetabling System has a SQL injection vulnerability, which stems from improper handling of the parameter "Password...

PT-2026-47440

A vulnerability was detected in CodeAstro Payroll System 1.0. This affects an unknown function of the file /view account.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

SourceCodester Class and Exam Timetabling System 注入漏洞

SourceCodester Class and Exam Timetabling System is an open-source classroom and exam scheduling system developed by SourceCodester. Version 1.0 of the SourceCodester Class and Exam Timetabling System has a SQL injection vulnerability, which arises from incorrect handling of the parameter "sy" in...

MySQL MCP Server 注入漏洞

The MySQL MCP Server is a security connection tool developed by Dana K. Williams. It allows interaction between AI and MySQL databases. Versions of the MySQL MCP Server prior to 0.2.2 have a vulnerability due to improper handling of the parameter uristr in the readresource function of the...

jflyfox jfinal_cms 注入漏洞

jflyfox jfinalcms is a powerful information consulting website developed by jflyfox as open source. It uses the concise and robust JFinal as the web framework, Beetl as the template engine, MySQL as the database, and the Bootstrap framework for the front end. Versions of jflyfox jfinalcms 5.1.0 a...

📄 Computer Laboratory Management System 1.0 SQL Injection

A remote SQL Injection vulnerability exists in Computer Laboratory Management System Using PHP and MySQL LMS version 1.0. The application fails to properly validate and sanitize user-supplied input provided through the id parameter, allowing an authenticated attacker to manipulate backend SQL...

CodeAstro Leave Management System 注入漏洞

The CodeAstro Leave Management System is a leave management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Leave Management System has a SQL injection vulnerability. This vulnerability stems from the handling of the parameter “Name” in the file/admin/searchstafftoassignpc.php,...

CodeAstro Ingredients Stock Management System 注入漏洞

CodeAstro Ingredients Stock Management System is a stock management system for ingredients developed by CodeAstro Inc. Version 1.0 of the CodeAstro Ingredients Stock Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameter IDs in the...

TencentOS Server 4: php (TSSA-2026:0342)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0342 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CodeAstro Payroll System 注入漏洞

The CodeAstro Payroll System is a payroll system developed by CodeAstro Corporation. Version 1.0 of the CodeAstro Payroll System has a SQL injection vulnerability. This vulnerability arises from improper handling of the parameter ID in the/viewaccount.php file, which may lead to SQL injection...

📄 WordPress ARMember Premium 7.3.1 SQL Injection

WordPress ARMember Premium plugin version 7.3.1 remote SQL injection and account takeover exploit. ================================================================================================================================== | Title : WordPress ARMember Premium 7.3.1 SQL Injection and Accoun...

PT-2026-47311

A vulnerability was determined in designcomputer mysql-mcp-server up to 0.2.2. The impacted element is the function read resource of the file src/mysql mcp server/server.py of the component mysql URI Handler. This manipulation of the argument uri str causes sql injection. Remote exploitation of t...