CVE-2025-14940 code-projects Scholars Tracking System delete_user.php sql injection

A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/deleteuser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2025-14662 code-projects Student File Management System Update User update_user.php cross site scripting

A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/updateuser.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made...

CVE-2025-14645

A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown function of the file /admin/deleteuser.php. The manipulation of the argument userid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

CVE-2025-14621

Summary: CVE-2025-14621 affects Code-Projects’ Student File Management System 1.0. The vulnerability lies in the /admin/update_user.php file where the user_id parameter is not properly validated, enabling SQL injection. Remote exploitation is possible, and an exploit is publicly available. Variou...

CVE-2025-14568 haxxorsid Stock-Management-System User.php sql injection

A security vulnerability has been detected in haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0. This impacts an unknown function of the file model/User.php. The manipulation of the argument employeeid/id/admin leads to sql injection. The attack can be initiated...

CVE-2025-14226

CVE-2025-14226 affects itsourcecode Student Management System 1.0 with a SQL injection in /edit_user.php via the fname parameter. Exploitation can be remote; public PoC exists. Public reports (CNVD/Red Hat/NVD) confirm the flaw. Remediation guidance suggests sanitizing/validating the fname parame...

SourceCodester Product Expiry Management System 安全漏洞

SourceCodester Product Expiry Management System is an open source product expiration management system from SourceCodester. A security vulnerability exists in SourceCodester Product Expiry Management System, which stems from the user management module delete-user.php relying on session cookies an...

CVE-2025-12608

A security flaw has been discovered in itsourcecode Online Loan Management System 1.0. The affected element is an unknown function of the file /manageuser.php. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-12238

A security flaw has been discovered in code-projects Automated Voting System 1.0. The affected element is an unknown function of the file /admin/user.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-12238 code-projects Automated Voting System user.php sql injection

A security flaw has been discovered in code-projects Automated Voting System 1.0. The affected element is an unknown function of the file /admin/user.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-12238 code-projects Automated Voting System user.php sql injection

A security flaw has been discovered in code-projects Automated Voting System 1.0. The affected element is an unknown function of the file /admin/user.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has...

Code-Projects Automated Voting System SQL注入漏洞

Code-Projects Automated Voting System is a Code-Projects open source automated voting system. Code-Projects Automated Voting System version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter Username in the file /admin/user.php, which could lead...

CVE-2025-11556

A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...

EUVD-2025-33562

A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...

PT-2025-41462

Name of the Vulnerable Software and Affected Versions Simple Leave Manager version 1.0 Description A SQL injection issue exists in the Simple Leave Manager 1.0 application. The flaw is located in the /user.php file and stems from improper handling of user-supplied input within the argument table,...

EUVD-2019-7729

Malware in sbrugna...

EUVD-2025-29834

Malicious code in bioql PyPI...

EUVD-2025-29130

Malicious code in bioql PyPI...

EUVD-2021-28706

Malicious code in bioql PyPI...

CVE-2025-10785 Campcodes Grocery Sales and Inventory System manage_user.php sql injection

A vulnerability was detected in Campcodes Grocery Sales and Inventory System 1.0. This affects an unknown part of the file /manageuser.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...