CVE-2025-7508 code-projects Modern Bag product-update.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Modern Bag 1.0. Affected by this issue is some unknown functionality of the file /admin/product-update.php. The manipulation of the argument idProduct leads to sql injection. The attack may be launched remotely. Th...

CVE-2025-40731

SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /update.php...

CVE-2025-6481

A vulnerability, which was classified as critical, has been found in code-projects Simple Pizza Ordering System 1.0. This issue affects some unknown processing of the file /update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-6481

CVE-2025-6481 affects code-projects Simple Pizza Ordering System 1.0. The vulnerability exists in the processing of the file /update.php, where manipulating the ID parameter leads to SQL injection. It can be exploited remotely and the exploit has been disclosed publicly. Multiple connected source...

CVE-2025-6481 code-projects Simple Pizza Ordering System update.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Simple Pizza Ordering System 1.0. This issue affects some unknown processing of the file /update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit ha...

CVE-2022-43279

LimeSurvey before v5.0.4 was discovered to contain a SQL injection vulnerability via the component /application/views/themeOptions/update.php...

CVE-2018-12622

An issue was discovered in Eventum 3.5.0. htdocs/ajax/update.php has XSS via the fieldname parameter...

CVE-2015-10031

A vulnerability classified as critical was found in purpleparrots 491-Project. This vulnerability affects unknown code of the file update.php of the component Highscore Handler. The manipulation leads to sql injection. The name of the patch is a812a5e4cf72f2a635a716086fe1ee2b8fa0b1ab. It is...

CVE-2025-1166

A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file endpoint/update.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

PT-2025-6137 · Sourcecodester · Sourcecodester Food Menu Manager

Name of the Vulnerable Software and Affected Versions: SourceCodester Food Menu Manager version 1.0 Description: A critical issue has been found in the software, affecting an unknown functionality of the file "endpoint/update.php". This leads to unrestricted upload. The issue can be exploited...

CVE-2025-0563

CVE-2025-0563 affects code-projects Fantasy-Cricket 1.0. The vulnerability is a SQL injection in the file /dash/update.php caused by unsafely using the uname parameter in SQL queries. It can be exploited remotely and is supported by visible PoC and attack details (time-based blind payloads). Publ...

CVE-2025-0563 code-projects Fantasy-Cricket update.php sql injection

A vulnerability was found in code-projects Fantasy-Cricket 1.0. It has been classified as critical. Affected is an unknown function of the file /dash/update.php. The manipulation of the argument uname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2024-12890 code-projects Online Exam Mastering System update.php sql injection

A vulnerability was found in code-projects Online Exam Mastering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /update.php?q=quiz&step=2. The manipulation of the argument eid leads to sql injection. The attack may be initiated remotely. The...

CVE-2024-12890 code-projects Online Exam Mastering System update.php sql injection

A vulnerability was found in code-projects Online Exam Mastering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /update.php?q=quiz&step=2. The manipulation of the argument eid leads to sql injection. The attack may be initiated remotely. The...

CVE-2024-10420 SourceCodester Attendance and Payroll System update.php upload unrestricted upload

A vulnerability classified as critical has been found in SourceCodester Attendance and Payroll System 1.0. This affects the function upload of the file /marimar/guest/update.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. T...

CVE-2024-10420 SourceCodester Attendance and Payroll System update.php upload unrestricted upload

A vulnerability classified as critical has been found in SourceCodester Attendance and Payroll System 1.0. This affects the function upload of the file /marimar/guest/update.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. T...

PT-2024-16265 · Sourcecodester · Sourcecodester Attendance/Payroll System

Name of the Vulnerable Software and Affected Versions: SourceCodester Attendance and Payroll System version 1.0 Description: A critical issue has been found in the upload function of the file /marimar/guest/update.php, allowing unrestricted upload through the manipulation of the image argument...

CVE-2024-9817 code-projects Blood Bank System update.php sql injection

A vulnerability was found in code-projects Blood Bank System 1.0. It has been classified as critical. This affects an unknown part of the file /update.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed ...

CVE-2024-9817 code-projects Blood Bank System update.php sql injection

A vulnerability was found in code-projects Blood Bank System 1.0. It has been classified as critical. This affects an unknown part of the file /update.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed ...

CVE-2024-8564

A vulnerability was found in SourceCodester PHP CRUD 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update.php. The manipulation of the argument tblpersonid/firstname/middlename/lastname leads to sql injection. The attack can be initiated...