CVE-2025-10627

A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /admin/deleteuser.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may ...

CVE-2025-10407

A vulnerability was identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewuser.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

CVE-2025-10427

A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/operation/user.php. Executing manipulation of the argument websiteimage can lead to unrestricted upload. It is possible to launch the attack remotely. The...

CVE-2025-10427 SourceCodester Pet Grooming Management Software user.php unrestricted upload

A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/operation/user.php. Executing manipulation of the argument websiteimage can lead to unrestricted upload. It is possible to launch the attack remotely. The...

CVE-2025-10408

A security flaw has been discovered in SourceCodester Student Grading System 1.0. Affected by this issue is some unknown functionality of the file /edituser.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been release...

CVE-2025-10407 SourceCodester Student Grading System view_user.php sql injection

A vulnerability was identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewuser.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

Online Ordering System user.php File SQL Injection Vulnerability

Online Ordering System is an online ordering system. Online Ordering System has a SQL injection vulnerability that originates from an unfiltered parameter un in the /admin/user.php file that allows manipulation of database queries. No details of the vulnerability are available at this time...

CVE-2025-8233

A vulnerability has been found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/user.php. The manipulation of the argument un leads to sql injection. The attack can be launched remotely. The explo...

CVE-2023-26817

codefever before 2023.2.7-commit-b1c2e7f was discovered to contain a remote code execution RCE vulnerability via the component /controllers/api/user.php...

CVE-2025-1579

A vulnerability was found in code-projects Blood Bank System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/user.php. The manipulation of the argument email leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

CVE-2025-1167

A vulnerability was found in Mayuri K Employee Management System up to 192.168.70.3 and classified as critical. Affected by this issue is some unknown functionality of the file /hrsoft/admin/UpdateUser.php. The manipulation of the argument id leads to sql injection. The attack may be launched...

emlog 代码注入漏洞

emlog is emlog personal developer of a PHP and MySQL based CMS site building system. Code injection vulnerability exists in emlog 2.4.1 and previous versions, the vulnerability stems from the manipulation of the keyword parameter in the /admin/user.php file leading to cross-site scripting attacks...

AlienVault Authenticated SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.5.0 is susceptible to an authenticated SQL injection...

CVE-2024-7374

A vulnerability classified as critical was found in SourceCodester Simple Realtime Quiz System 1.0. This vulnerability affects unknown code of the file /manageuser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed...

CVE-2024-7199 SourceCodester Complaints Report Management System manage_user.php sql injection

A vulnerability classified as critical was found in SourceCodester Complaints Report Management System 1.0. This vulnerability affects unknown code of the file /admin/manageuser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has...

PT-2024-37945 · Unknown · Sourcecodester Record Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Record Management System version 1.0 Description: A critical issue was found in the SourceCodester Record Management System, affecting the file sort2 user.php. The manipulation of the qualification argument leads to SQL...

PT-2024-37944 · Unknown · Sourcecodester Record Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Record Management System version 1.0 Description: A critical issue has been found in the SourceCodester Record Management System, affecting some unknown functionality of the file sort1 user.php. The manipulation of the position...

CVE-2024-33247

Sourcecodester Employee Task Management System v1.0 is vulnerable to SQL Injection via admin-manage-user.php...

CVE-2024-3315

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file classes/user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The...

sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial SQL Injection Vulnerability

sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial is an open source project to help people learn how to build or develop a PHP CRUD without refresh/reload using Ajax and DataTables. sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial...