Aggregator

Submit #613920 / VDB-316239

Submit #613919 / VDB-316238

A vulnerability has been found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /get_town.php. The manipulation of the argument countryid leads to sql injection. This vulnerability is known as CVE-2025-7541. The attack can be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability, which was classified as critical, was found in code-projects Online Appointment Booking System 1.0. Affected is an unknown function of the file /getclinic.php. The manipulation of the argument townid leads to sql injection. This vulnerability is traded as CVE-2025-7540. It is possible to launch the attack remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability, which was classified as critical, has been found in code-projects Online Appointment Booking System 1.0. This issue affects some unknown processing of the file /getdoctordaybooking.php. The manipulation of the argument cid leads to sql injection. The identification of this vulnerability is CVE-2025-7539. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #613918 / VDB-298801

Submit #613912 / VDB-280374

Submit #613911 / VDB-286191

Submit #613910 / VDB-309496

Submit #613909 / VDB-256843

A vulnerability classified as critical was found in Campcodes Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /pages/product_update.php. The manipulation of the argument image leads to unrestricted upload. This vulnerability was named CVE-2025-7538. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /pages/product_update.php. The manipulation of the argument ID leads to sql injection. This vulnerability is uniquely identified as CVE-2025-7537. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pages/receipt_credit.php. The manipulation of the argument sid leads to sql injection. This vulnerability is handled as CVE-2025-7536. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /pages/reprint_cash.php. The manipulation of the argument sid leads to sql injection. This vulnerability is known as CVE-2025-7535. The attack can be launched remotely. Furthermore, there is an exploit available.

Submit #613908 / VDB-280373

Submit #613691 / VDB-316237

Submit #613690 / VDB-316236

Submit #613689 / VDB-316235

A vulnerability was found in PHPGurukul Student Result Management System 2.0. It has been classified as critical. Affected is an unknown function of the file /notice-details.php of the component GET Parameter Handler. The manipulation of the argument nid leads to sql injection. This vulnerability is traded as CVE-2025-7534. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Submit #613625 / VDB-316234