CVE-2026-36952

Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/managecurriculum.php...

Support Board SQL注入漏洞

Support Board is a sales chat software developed by the British company Support Board. Version 3.7.7 of Support Board contains an SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter calls0messageids in the file /supportboard/include/ajax.php, which may...

PT-2026-6910

Name of the Vulnerable Software and Affected Versions SourceCodester Online Class Record System version 1.0 Description A flaw exists in SourceCodester Online Class Record System 1.0 that allows for SQL injection. The issue is located in the file /admin/subject/controller.php. Manipulating the ID...

PT-2026-6720

Name of the Vulnerable Software and Affected Versions itsourcecode School Management System version 1.0 Description A flaw exists in itsourcecode School Management System that allows for SQL injection. The issue is located in an unknown part of the file /ramonsys/settings/controller.php...

CVE-2020-37097

Edimax EW-7438RPn 1.13 contains an information disclosure vulnerability that exposes WiFi network configuration details through the wlencryptwiz.asp file. Attackers can access the script to retrieve sensitive information including WiFi network name and plaintext password stored in device...

PT-2025-53829

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A flaw exists in Refugee Food Management System 1.0 that allows for SQL injection. Manipulation of the arguments refNo, Fname, Lname, sex, age, contact, and nationality nid can lead to a...

PT-2025-46879

Name of the Vulnerable Software and Affected Versions D-Link DIR-823G router firmware version DIR823G V1.0.2B05 20181207.bin Description A command injection issue exists in the D-Link DIR-823G router firmware. The timelycheck and sysconf binaries process the /var/system/linux vlan reinit file. Th...

CVE-2025-12610

CVE-2025-12610 affects CodeAstro Gym Management System 1.0, with a SQL injection in the /admin/view-progress-report.php file. The vulnerability arises from manipulated the ID parameter, potentially enabling remote exploitation. Public disclosures exist for the exploit. Affected component is the v...

EUVD-2023-46915

Malicious code in bioql PyPI...

EUVD-2022-24804

Malicious code in bioql PyPI...

TalentSys Inka.Net 代码问题漏洞

TalentSys Inka.Net is a human resource management system from TalentSys Turkey. A code issue vulnerability exists in TalentSys Inka.Net versions prior to 6.7.1, which stems from allowing the upload of dangerously typed files, which could lead to command injection...

CVE-2025-9434

A vulnerability was determined in 1000projects Online Project Report Submission and Evaluation System 1.0. This affects an unknown function of the file /admin/edittitle.php?id=1. Executing manipulation of the argument desc can lead to cross site scripting. The attack may be launched remotely. The...

CVE-2025-7580

A vulnerability classified as critical was found in code-projects Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/positionsrow.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has bee...

PT-2025-28641 · Unknown · Code-Projects Chat System

Name of the Vulnerable Software and Affected Versions: code-projects Chat System version 1.0 Description: A critical issue was found in the code-projects Chat System. The problem affects an unknown functionality of the file "/user/addmember.php". The manipulation of the ID argument leads to SQL...

PT-2025-27557 · Unknown · Campcodes Employee Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Employee Management System version 1.0 Description: A critical issue has been found in the system, affecting some unknown functionality of the file /mark.php. The manipulation of the ID argument leads to SQL injection. The attack ca...

PT-2025-27447 · Unknown · Phpgurukul Student Record System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Student Record System version 3.2 Description: A critical vulnerability was found in the PHPGurukul Student Record System. This issue affects unknown code of the file /manage-subjects.php. The manipulation of the argument del leads...

PT-2025-27377 · Unknown · Sourcecodester Simple Company Website

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Company Website version 1.0 Description: A critical issue was found in the software, affecting an unknown function of the file /admin/clients/manage.php. The manipulation of the ID argument leads to SQL injection. This...

PT-2025-26303 · Unknown · Phpgurukul Directory Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Directory Management System version 2.0 Description: A critical issue was found in the PHPGurukul Directory Management System. This issue affects the /admin/admin-profile.php file and is related to the manipulation of the adminname...

CVE-2025-5757

A vulnerability was found in code-projects Traffic Offense Reporting System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /save-reported.php. The manipulation of the argument...

PT-2025-23427 · Unknown · Chaitak-Gorai Blogbook

Name of the Vulnerable Software and Affected Versions: Chaitak-gorai Blogbook versions up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 Description: A critical vulnerability was found in Chaitak-gorai Blogbook, affecting an unknown functionality of the file /post.php of the component GET Parameter...