39 matches found
PT-2025-19717 · Unknown · Kashipara Online Service Management Portal
Name of the Vulnerable Software and Affected Versions: Kashipara Online Service Management Portal version V1.0 Description: A Directory Listing Vulnerability was found in the /osms/Requester/ directory. Recommendations: For Kashipara Online Service Management Portal version V1.0, consider...
Projectworlds Online Hotel Booking System Security Vulnerability
Projectworlds Online Hotel Booking System is an online hotel booking system from the Austrian company Projectworlds. A security vulnerability exists in Projectworlds Online Hotel Booking System version 1.0 due to a SQL injection in the emailusername parameter...
Best House Rental Management System Security Vulnerability
Best House Rental Management System is a house rental management system by Mayuri K., an individual developer. A security vulnerability exists in Best House Rental Management System v1.0, which stems from the inclusion of a cross-site request forgery (CSRF) vulnerability...
PT-2024-23542 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15V1.0 version V15.03.20 multi Description: The issue is related to a command injection vulnerability. This vulnerability can be exploited via the deviceName parameter. Recommendations: For Tenda AC15V1.0 version V15.03.20 multi, avoi...
CVE-2023-50865
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'city' parameter of the hotelSearch.php resource does not validate the characters received and they are sent unfiltered to the database...
Hospital Management System SQL Injection Vulnerability (CNVD-2023-64629)
A Hospital Management System (HMS) is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs effectively. A SQL injection vulnerability exists in Hospital Management System version V1.0, which stems from the application's inability to...
Helmet Store Showroom v1.0 - SQL Injection Vulnerability
Exploit Title: Helmet Store Showroom v1.0 - SQL Injection Exploit Author: Ameer Hamza Vendor Homepage: https://www.sourcecodester.com/php/15851/helmet-store-showroom-site-php-and-mysql-free-source-code.html Software Link:...
Tenda AC6 Cross-Site Request Forgery Vulnerability
Tenda AC6 is a wireless router from Tenda (China). A security vulnerability exists in Tenda AC6 version V1.0 V15.03.05.19. An attacker can exploit this vulnerability to perform a cross-site request forgery (CSRF) attack via fromSysToolRestoreSet...
Web Based Quiz System Information Disclosure Vulnerability
Web Based Quiz System is a web-based quiz system by janobe, an individual developer. A vulnerability exists in Web Based Quiz System v1.0, which can be exploited by attackers to obtain a user's password via brute-force cracking...
Online Leave Management System SQL Injection Vulnerability (CNVD-2022-80690)
Online Leave Management System is an online leave management system. Version v1.0 of Online Leave Management System has a security vulnerability: the component /admin/?page=user/manageuser&id= was found to contain a SQL injection vulnerability. No detailed vulnerability details...
Automotive Shop Management System SQL Injection Vulnerability
Automotive Shop Management System is an automotive shop management system by Carlo Montero, an individual developer. Version v1.0 of Automotive Shop Management System is vulnerable to SQL injection, which originates from /asms/classes/Master.php?f=deletetransaction missing validation of external...
Simple E-Learning System Information Disclosure Vulnerability
Simple E-Learning System is a simple e-learning system by Carlo Montero, an individual developer. Version v1.0 of Simple E-Learning System is vulnerable to information disclosure, which can be exploited by attackers to read arbitrary files resulting in information disclosure...
Online Diagnostic Lab Management System SQL Injection Vulnerability
Online Diagnostic Lab Management System is an online diagnostic lab management system that provides a variety of diagnostic tasks online. Online Diagnostic Lab Management System is vulnerable to SQL injection in version v1.0. The vulnerability stems from the affected version not properly filterin...
Expense Management System SQL Injection Vulnerability
Expense Management System is an expense management system. Version v1.0 of Expense Management System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the id parameter of its /Home/debitcreditp component. An attacker could use this...
Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11183)
Ingredients Stock Management System is an ingredient stock management system by Carlo Montero, an individual developer. Version v1.0 of Ingredients Stock Management System is vulnerable to SQL injection, which originates from a security issue in the /stocks/manage The vulnerability is caused by a...
Clinic’s Patient Management System Cross-Site Scripting Vulnerability
Clinic's Patient Management System is a patient management system for a clinic by Carlo Montero. A security vulnerability exists in Clinic's Patient Management System version v1.0, which originates from a cross-site scripting (XSS) vulnerability in updatemedicinedetails.php that allows a...
Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68957)
Advanced School Management System, a school management system by Angel Jude Reyes Suarez, an individual developer, has a SQL injection vulnerability in version v1.0, which originates in /school/model/getevents.php?eventid=. The page lacks validation for external input SQL statements, which could be...
Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68956)
Advanced School Management System, a school management system by Angel Jude Reyes Suarez, has a SQL injection vulnerability in version v1.0, which originates from /school/model/getclassroom.php?id=. The page lacks validation for external input SQL statements,...
Advanced School Management System SQL Injection Vulnerability
Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. Version v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model/getstudentsubject.php?index=. The page lacks validation for external input SQL...
Online Car Wash Booking System SQL Injection Vulnerability (CNVD-2022-53345)
Online Car Wash Booking System is an online car wash booking system by Carlo Montero, an individual developer. Version v1.0 of Online Car Wash Booking System is vulnerable to SQL injection, which originates from /ocwbs/admin/?page=bookings/viewdetails&id=. The page lacks validation of external input SQL...