223 matches found

Positive Technologies
added 2025/11/13 12:0 a.m., 9 views

PT-2025-46890

Name of the Vulnerable Software and Affected Versions: AMTT Hotel Broadband Operation System version 1.0. Description: A flaw exists in AMTT Hotel Broadband Operation System version 1.0 that allows for SQL injection. Manipulation of the uid argument in the file '/user/portal/get firstdate.php' throu...

9.8 CVSS, 6.5 AI score, 0.00296 EPSS
Exploits: 1, References: 6
CVE
added 2025/11/06 7:59 p.m., 20 views

CVE-2022-50589

SuiteCRM versions before 7.12.6 are affected by a SQL injection vulnerability in the export functionality, triggered by processing the uid parameter. The root cause, per multiple sources, is improper sanitization of the SQL query structure, enabling remote unauthenticated attackers to execute arb...

9.8 CVSS, 8.1 AI score, 0.00575 EPSS
Exploits: 0, References: 3, Affected Software: 1
NVD
added 2025/11/06 3:15 a.m., 8 views

CVE-2025-10683

The Easy Email Subscription plugin for WordPress is vulnerable to SQL Injection via the 'uid' parameter in all versions up to, and including, 1.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

4.9 CVSS, 0.00247 EPSS
Exploits: 0, References: 2
Cvelist
added 2025/11/06 2:31 a.m., 27 views

CVE-2025-10683 Easy Email Subscription <= 1.3 - Authenticated (Admin+) SQL Injection via uid

The Easy Email Subscription plugin for WordPress is vulnerable to SQL Injection via the 'uid' parameter in all versions up to, and including, 1.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

4.9 CVSS, 0.00247 EPSS
Exploits: 0, References: 2
EUVD
added 2025/11/06 2:31 a.m., 4 views

EUVD-2025-37962

The Easy Email Subscription plugin for WordPress is vulnerable to SQL Injection via the 'uid' parameter in all versions up to, and including, 1.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

4.9 CVSS, 6.1 AI score, 0.00247 EPSS
Exploits: 0, References: 3
Vulnrichment
added 2025/11/06 2:31 a.m., 4 views

CVE-2025-10683 Easy Email Subscription <= 1.3 - Authenticated (Admin+) SQL Injection via uid

The Easy Email Subscription plugin for WordPress is vulnerable to SQL Injection via the 'uid' parameter in all versions up to, and including, 1.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

4.9 CVSS, 6.1 AI score, 0.00247 EPSS
Exploits: 0, References: 2
CVE
added 2025/11/06 2:31 a.m., 22 views

CVE-2025-10683

The WordPress Easy Email Subscription plugin (versions

4.9 CVSS, 6.2 AI score, 0.00247 EPSS
Exploits: 0, References: 2
Positive Technologies
added 2025/11/06 12:0 a.m., 6 views

PT-2025-45171

Name of the Vulnerable Software and Affected Versions: Easy Email Subscription plugin for WordPress versions up to and including 1.3. Description: The Easy Email Subscription plugin for WordPress is susceptible to SQL Injection via the uid parameter. This is due to inadequate input sanitization and...

4.9 CVSS, 6.7 AI score, 0.00247 EPSS
Exploits: 0, References: 5
RedhatCVE
added 2025/10/28 9:51 a.m., 10 views

CVE-2025-12253

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/getexpiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely. The exploit has be...

9.8 CVSS, 7.4 AI score, 0.00394 EPSS
Exploits: 1, References: 1
NVD
added 2025/10/27 9:15 a.m., 6 views

CVE-2025-12253

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/getexpiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely. The exploit has be...

9.8 CVSS, 0.00394 EPSS
Exploits: 1, References: 4
EUVD
added 2025/10/27 9:2 a.m., 4 views

EUVD-2025-36138

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/getexpiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely. The exploit has be...

7.5 CVSS, 6.3 AI score, 0.00394 EPSS
Exploits: 1, References: 5
CNVD
added 2025/10/15 12:0 a.m., 4 views

Project Monitoring System useredit.php File SQL Injection Vulnerability

Project Monitoring System is a project monitoring system. Project Monitoring System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the file /useredit.php. An attacker can exploit this vulnerabilit...

9.8 CVSS, 8.3 AI score, 0.00379 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2025/10/12 3:17 p.m., 11 views

CVE-2025-11605

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

6.5 CVSS, 7.1 AI score, 0.00325 EPSS
Exploits: 1, References: 1
EUVD
added 2025/10/11 2:32 p.m., 7 views

EUVD-2025-33865

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

6.5 CVSS, 6.6 AI score, 0.00325 EPSS
Exploits: 1, References: 7
CNNVD
added 2025/10/11 12:0 a.m., 4 views

Code-Projects Client Details System SQL Injection Vulnerability

Client Details System is a client information system. Client Details System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the file /admin/update-profile.php. An attacker can exploit this...

8.8 CVSS, 7.9 AI score, 0.00325 EPSS
Exploits: 1, References: 6
OSV
added 2025/10/10 9:16 p.m., 1 view

CVE-2025-11585

A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

9.8 CVSS, 5.7 AI score, 0.00379 EPSS
Exploits: 1, References: 5
NVD
added 2025/10/10 9:16 p.m., 5 views

CVE-2025-11585

A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

9.8 CVSS, 0.00379 EPSS
Exploits: 1, References: 5
Vulnrichment
added 2025/10/10 9:2 p.m., 3 views

CVE-2025-11585 code-projects Project Monitoring System useredit.php sql injection

A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

7.5 CVSS, 6.7 AI score, 0.00379 EPSS
Exploits: 1, References: 5
Cvelist
added 2025/10/10 9:2 p.m., 9 views

CVE-2025-11585 code-projects Project Monitoring System useredit.php sql injection

A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

7.5 CVSS, 0.00379 EPSS
Exploits: 1, References: 5
CNNVD
added 2025/10/10 12:0 a.m., 4 views

Code-Projects Project Monitoring System SQL Injection Vulnerability

Project Monitoring System is a project monitoring system. Project Monitoring System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the file /useredit.php. An attacker can exploit this vulnerabilit...

9.8 CVSS, 8.2 AI score, 0.00379 EPSS
Exploits: 1, References: 5