EUVD-2025-203265

A vulnerability was found in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file loginquery.php. Performing manipulation of the argument studno results in sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-14571

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /borrowbook.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-14537

A weakness has been identified in code-projects Class and Exam Timetable Management 1.0. Affected by this issue is some unknown functionality of the file /preview7.php. This manipulation of the argument courseyearsection/semester causes sql injection. Remote exploitation of the attack is possible...

PT-2025-49578

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A flaw exists in itsourcecode Student Management System 1.0, specifically within the file /newsubject.php. The sub argument is susceptible to SQL injection, allowing for remote...

PT-2025-49529

Name of the Vulnerable Software and Affected Versions Yottamaster DM2 versions prior to 1.2.23 Yottamaster DM3 versions prior to 1.2.23 Yottamaster DM200 versions prior to 1.2.23 Yottamaster DM2 versions prior to 1.9.12 Yottamaster DM3 versions prior to 1.9.12 Yottamaster DM200 versions prior to...

CVE-2025-14201

A vulnerability was found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f. Affected by this vulnerability is an unknown functionality of the file /dishsub.php. The manipulation of the argument item.name results in cross site scripting. I...

CVE-2025-13546

A vulnerability was detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this issue is some unknown functionality of the file /results.php of the component Search. The manipulation of the argument userquery results in sql injection. The attack can be...

CVE-2025-13545

A security vulnerability has been detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this vulnerability is an unknown functionality of the file /adminarea/index.php. The manipulation of the argument editpack leads to sql injection. The attack can be...

Travel Agency 代码问题漏洞

Travel Agency is a travel management website by Ashraf Kabir, an individual developer. Travel Agency has a code issue vulnerability that stems from the presence of unknown functionality in the file /customerregister.php, which could lead to unlimited uploads...

CVE-2025-13303

A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit has been publicly...

CVE-2025-13238

CVE-2025-13238 affects Bdtask Flight Booking Software 4. The Edit Profile Page component (/agent/profile/edit) is susceptible to manipulation that enables unrestricted file uploads. The flaw can be exploited remotely and has publicly available exploit materials. Multiple sources corroborate the i...

EUVD-2025-197702

A vulnerability was determined in SourceCodester Farm Management System 1.0. Affected by this vulnerability is an unknown functionality. This manipulation causes exposure of information through directory listing. The attack is possible to be carried out remotely. The exploit has been publicly...

CVE-2025-13201

A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /login.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...

CVE-2025-12289

CVE-2025-12289 affects the Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System 1.0. The flaw is an cross-site scripting vulnerability arising from manipulating the argument category_id in the file /Point/index/activity_state/1/category_id/1001. The issue can be...

CVE-2025-12222

CVE-2025-12222 affects Bdtask Flight Booking Software up to v3.1. The vulnerability exists in the Deposit Handler’s Deposit component, specifically the /admin/transaction/deposit path, where an unknown functionality allows unrestricted file upload. This can be exploited remotely and was publicly ...

EUVD-2025-34053

A vulnerability was found in code-projects Automated Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addcandidatemodal.php.. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-11512

A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/votersadd.php. The manipulation of the argument Firstname/Lastname/Platform results in cross site scripting. The attack can be executed remotely. The exploit has...

EUVD-2025-33174

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...

EUVD-2025-25126

Malicious code in bioql PyPI...

EUVD-2025-29985

Malicious code in bioql PyPI...