CVE-2026-9469

CVE-2026-9469 describes a SQL injection in yashpokharna2555 StudentManagementSystem, affecting an unknown function in /success.php where manipulating the User argument enables remote exploitation. The exploit is publicly available. The advisory notes a rolling-release workflow with no version det...

CVE-2026-9469

A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. The impacted element is an unknown function of the file /success.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. T...

CVE-2026-9469 yashpokharna2555 StudentManagementSystem success.php sql injection

A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. The impacted element is an unknown function of the file /success.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. T...

PT-2026-43083

A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. The impacted element is an unknown function of the file /success.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. T...

CVE-2025-13267

A vulnerability was detected in SourceCodester Dental Clinic Appointment Reservation System 1.0. Impacted is an unknown function of the file /success.php. Performing manipulation of the argument username/password results in sql injection. The attack can be initiated remotely. The exploit is now...

CVE-2025-13267

SourceCodester Dental Clinic Appointment Reservation System 1.0 contains a SQL injection in /success.php, exploitable by manipulating the username/password parameters. The issue is remote and publicly exploited according to multiple sources; impacts include high confidentiality, integrity, and av...

EUVD-2018-10896

Malware in sbrugna...

EUVD-2024-33627

Malicious code in bioql PyPI...

CVE-2025-7411

A vulnerability was found in code-projects LifeStyle Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /success.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2025-7411 code-projects LifeStyle Store success.php sql injection

A vulnerability was found in code-projects LifeStyle Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /success.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has...

Codezips Online Shopping Website 注入漏洞

Codezips Online Shopping Website is a Codezips open source online store system. An injection vulnerability exists in Codezips Online Shopping Website version 1.0, which originates from a SQL injection in the success.php file and could lead to a remote attack...

CVE-2024-11059 Project Worlds Free Download Online Shopping System success.php sql injection

A vulnerability was found in Project Worlds Free Download Online Shopping System up to 192.168.1.88. It has been rated as critical. This issue affects some unknown processing of the file /online-shopping-webvsite-in-php-master/success.php. The manipulation of the argument id leads to sql injectio...

CVE-2024-11059 Project Worlds Free Download Online Shopping System success.php sql injection

A vulnerability was found in Project Worlds Free Download Online Shopping System up to 192.168.1.88. It has been rated as critical. This issue affects some unknown processing of the file /online-shopping-webvsite-in-php-master/success.php. The manipulation of the argument id leads to sql injectio...

PT-2024-16731 · Unknown · Project Worlds Free Download Online Shopping System

Name of the Vulnerable Software and Affected Versions: Project Worlds Free Download Online Shopping System versions up to 192.168.1.88 Description: A critical issue affects the processing of the file /online-shopping-webvsite-in-php-master/success.php. The manipulation of the id argument leads to...

CVE-2018-19188

The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the success.php fortid parameter...

CVE-2018-19187

The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement...

Code injection

The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement...

Code injection

The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the success.php fortid parameter...

CVE-2018-19187

The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement...

besthosting.ua XSS vulnerability

Vulnerable URL: https://besthosting.ua/ru/success.php?order=42785=3.00%20$XXXX%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 69707...