CVE-2025-14951 code-projects Scholars Tracking System home.php sql injection

A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impacted element is an unknown function of the file /home.php. Such manipulation of the argument postcontent leads to sql injection. The attack can be executed remotely. The exploit has been disclosed...

CVE-2025-14951

CVE-2025-14951 affects Code-Projects Scholars Tracking System 1.0. The vulnerability is in the /home.php file where manipulation of the post_content parameter enables SQL injection. It can be exploited remotely; public disclosures exist. The available connected documents corroborate impact and re...

CVE-2025-14950

A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /deletepost.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to t...

CVE-2025-14950

A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /deletepost.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to t...

CVE-2025-14950 code-projects Scholars Tracking System delete_post.php sql injection

A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /deletepost.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to t...

CVE-2025-14950

A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /deletepost.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to t...

CVE-2025-14950

Code-projects Scholars Tracking System 1.0 is affected by an SQL injection in the delete_post.php handler. The vulnerability stems from improper handling of the ID parameter in the delete_post.php route, permitting remote exploitation. Multiple sources confirm that the exploit has been publicly r...

CVE-2025-14940

A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/deleteuser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2025-14940

A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/deleteuser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2025-14940

CVE-2025-14940 affects Code-Projects Scholars Tracking System 1.0. The vulnerability resides in the /admin/delete_user.php file where an unknown function manipulates the ID parameter, allowing a SQL injection. This can be triggered remotely and, per multiple sources, the exploit has been publicly...

CVE-2025-14940 code-projects Scholars Tracking System delete_user.php sql injection

A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/deleteuser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

EUVD-2025-204439

A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/deleteuser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

Code-Projects Scholars Tracking System 安全漏洞

Code-Projects Scholars Tracking System is an open source scholars tracking system by Code-Projects. A security vulnerability exists in Code-Projects Scholars Tracking System version 1.0, which stems from an incorrect manipulation of the parameter postcontent in the file /home.php, which could lea...

Code-Projects Scholars Tracking System SQL注入漏洞

Code-Projects Scholars Tracking System is an open source scholars tracking system by Code-Projects. A SQL injection vulnerability exists in Code-Projects Scholars Tracking System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /deletepost.php, which could lead...

PT-2025-52449

A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impacted element is an unknown function of the file /home.php. Such manipulation of the argument post content leads to sql injection. The attack can be executed remotely. The exploit has been disclosed...

PT-2025-52411

Name of the Vulnerable Software and Affected Versions Scholars Tracking System version 1.0 Description A SQL injection issue exists in Scholars Tracking System 1.0. The issue is located in the /admin/delete user.php file, specifically within an unknown function. Manipulation of the ID argument ca...

kimai 安全漏洞

kimai is a web-based multi-user time tracking application by the individual developer of kimai. A security vulnerability exists in kimai version 1.30.10, which stems from an improper implementation of the SameSite cookie and could lead to session hijacking...

Code-Projects Scholars Tracking System SQL注入漏洞

Scholars Tracking System is a scholars tracking system. Scholars Tracking System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in parameter ID in file /admin/deleteuser.php. An attacker can exploit this vulnerability to...

hubzoid (>=0.2.2 <=0.4.5), openwebui-token-tracking (>=0.1.7 <=0.1.10) +1 more potentially affected by CVE-2025-63391 via open-webui (>=0.6.0 <=0.8.8)

open-webui PYPI version =0.6.0, =0.2.2, =0.1.7, =0.1.0, =0.1.5 Source cves: CVE-2025-63391 Source advisory: SNYK:PYTHON-OPENWEBUI-14535452...

CVE-2025-67285

A SQL injection vulnerability was found in the '/cts/admin/?page=zone' file of ITSourcecode COVID Tracking System Using QR-Code v1.0. The reason for this issue is that attackers inject malicious code from the parameter 'id' and use it directly in SQL queries without the need for appropriate...