12 matches found
CVE-2025-70063
The Medical History module of PHPGurukul Hospital Management System v4.0 exposes an Insecure Direct Object Reference (IDOR) vulnerability. The application does not verify that the requested viewid belongs to the currently authenticated patient, allowing an attacker to enumerate viewid values to a...
EUVD-2025-29128
Malicious code in bioql PyPI...
CVE-2025-11101
A security flaw has been discovered in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/company/index.php?view=edit. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has bee...
CVE-2025-10825 Campcodes Online Beauty Parlor Management System view-appointment.php sql injection
A vulnerability was identified in Campcodes Online Beauty Parlor Management System 1.0. Affected is an unknown function of the file /admin/view-appointment.php. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The exploit is publicly available...
Online Nurse Hiring System view-request.php File SQL Injection Vulnerability
Online Nurse Hiring System is an online nurse hiring system. Online Nurse Hiring System suffers from a SQL injection vulnerability that originates from the lack of validation of the externally supplied viewid parameter in the file /admin/view-request.php before it is used in a SQL statement. An attacker can u...
SourceCodester Online Eyewear Shop Website SQL Injection Vulnerability
SourceCodester Online Eyewear Shop Website is an online eyewear store website project developed by SourceCodester using PHP and MySQL, which provides an online shopping and ordering platform for eyewear business and its potential customers. A SQL injection vulnerability exists in SourceCodester...
PT-2024-29145 · Sourcecodester · Sourcecodester Simple Subscription Website
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Subscription Website version 1.0 Description: A critical issue was found in the software, affecting an unknown function of the file view application.php. The manipulation of the id argument leads to SQL injection. It is...
CVE-2023-31936
SQL injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file...
PT-2023-23530 · Unknown · Rail Pass Management System
Name of the Vulnerable Software and Affected Versions: Rail Pass Management System version 1.0 Description: A SQL injection issue allows a remote attacker to execute arbitrary code via the viewid parameter of the "view-enquiry.php" file. Recommendations: For Rail Pass Management System version 1....
CVE-2022-36676
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/viewcategory.php...
CVE-2022-29008
An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information...
SourceCodester College Website Management System SQL Injection Vulnerability
SourceCodester College Website Management System is an application of SourceCodester, Inc. SourceCodester College Website Management System version 1.0 is vulnerable to SQL injection, which originates from the lack of user-supplied data and output data in the id parameter of...