Submit #646910: SourceCodester Student Grading System using PHP/MySQL 1.0 SQL Injection [Accepted]
Submit #646910 / VDB-323842
Aggregator
Submit #646909: SourceCodester Student Grading System using PHP/MySQL 1.0 SQL Injection [Accepted]
5 months ago
Submit #646909 / VDB-323841
quchunyi
Submit #646905: SourceCodester Student Grading System using PHP/MySQL 1.0 SQL Injection [Duplicate]
5 months ago
Submit #646905 / VDB-196564
quchunyi
Submit #646904: itsourcecode Baptism Information Management System V1.0 SQL injection [Accepted]
5 months ago
Submit #646904 / VDB-323840
Chenguang Wang-GuangZhou University
Submit #646903: itsourcecode Baptism Information Management System V1.0 SQL injection [Accepted]
5 months ago
Submit #646903 / VDB-323839
Chenguang Wang-GuangZhou University
Submit #646889: SourceCodester Pet grooming management software August 30, 2025 Unrestricted Upload [Duplicate]
5 months ago
Submit #646889 / VDB-323039
joinia
Submit #646892: SourceCodester Pet grooming management software August 30, 2025 Unrestricted Upload [Duplicate]
5 months ago
Submit #646892 / VDB-323041
joinia
CVE-2025-10403 | PHPGurukul Beauty Parlour Management System 1.1 /admin/view-enquiry.php viewid sql injection (EUVD-2025-29128)
5 months ago
A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1 and classified as critical. This affects an unknown function of the file /admin/view-enquiry.php. The manipulation of the argument viewid leads to sql injection.
This vulnerability is uniquely identified as CVE-2025-10403. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com
CVE-2025-10402 | PHPGurukul Beauty Parlour Management System 1.1 /admin/readenq.php delid sql injection (EUVD-2025-29126)
5 months ago
A vulnerability, which was classified as critical, was found in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/readenq.php. Executing manipulation of the argument delid can lead to sql injection.
This vulnerability is handled as CVE-2025-10402. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2025-10401 | D-Link DIR-823x up to 250416 /goform/diag_ping target_addr command injection (EUVD-2025-29124)
5 months ago
A vulnerability, which was classified as critical, has been found in D-Link DIR-823x up to 250416. The affected element is an unknown function of the file /goform/diag_ping. Performing manipulation of the argument target_addr results in command injection.
This vulnerability is known as CVE-2025-10401. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com
CVE-2025-10400 | SourceCodester Food Ordering Management System 1.0 ticket-message.php ticket_id sql injection (EUVD-2025-29123)
5 months ago
A vulnerability classified as critical was found in SourceCodester Food Ordering Management System 1.0. Impacted is an unknown function of the file /routers/ticket-message.php. Such manipulation of the argument ticket_id leads to sql injection.
This vulnerability is traded as CVE-2025-10400. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #646769: PHPGurukul Beauty Parlour Management System V1.1 SQL Injection [Accepted]
5 months ago
Submit #646769 / VDB-323838
LitBot
Submit #646768: PHPGurukul Beauty Parlour Management System V1.1 SQL Injection [Accepted]
5 months ago
Submit #646768 / VDB-323837
LitBot
Submit #646761: D-Link DIR-823X AX3000 <=250416 Command Injection [Accepted]
5 months ago
Submit #646761 / VDB-323836
BediveRE
Submit #646713: SourceCodester Food Ordering Management System V1.0 SQL Injection [Accepted]
5 months ago
Submit #646713 / VDB-323835
M00n_L33
Submit #646674: MariaDB mcp V0.1.0 Unauthorized access vulnerability [Duplicate]
5 months ago
Submit #646674 / VDB-323507
Yu_Bao
Submit #646662: litmusautomation litmus-mcp-server v0.0.1 Unauthorized access [Duplicate]
5 months ago
Submit #646662 / VDB-323508
Yu_Bao
CVE-2025-10399 | Korzh EasyQuery up to 7.4.0 Query Builder UI fetch sql injection (EUVD-2025-29119)
5 months ago
A vulnerability classified as critical has been found in Korzh EasyQuery up to 7.4.0. This issue affects some unknown processing of the file /api/easyquery/models/nwind/fetch of the component Query Builder UI. This manipulation causes sql injection.
This vulnerability appears as CVE-2025-10399. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com
Submit #646660: PHPGurukul Complaint Management V2.0 SQL Injection [Duplicate]
5 months ago
Submit #646660 / VDB-322397
Eido
CVE-2025-10398 | fcba_zzm ics-park Smart Park Management System 2.0 FileUploadUtils.java File unrestricted upload (EUVD-2025-29118)
5 months ago
A vulnerability described as critical has been identified in fcba_zzm ics-park Smart Park Management System 2.0. This vulnerability affects unknown code of the file FileUploadUtils.java. The manipulation of the argument File results in unrestricted upload.
This vulnerability is reported as CVE-2025-10398. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com