CVE-2024-5809
The WP Ajax Contact Form WordPress plugin through 2.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin users
@cveNotify
WPScan
WP Ajax Contact Form <= 2.2.2 - Reflected Cross-Site Scripting
CVE-2025-4816
A vulnerability was found in SourceCodester Doctor's Appointment System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/appointment.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
Sourcecodester Doctor's Appointment System V1.0 admin/appointment.php SQL injection · Issue #8 · Xiaoyi-ing/CVE
Sourcecodester Doctor's Appointment System V1.0 admin/appointment.php SQL injection NAME OF AFFECTED PRODUCT(S) Doctor's Appointment System V1.0 Vendor Homepage https://www.sourcecodester.c...
CVE-2025-4817
A vulnerability was found in Sourcecodester Doctor's Appointment System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/delete-appointment.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
Sourcecodester Doctor's Appointment System V1.0 admin/delete-appointment.php SQL injection · Issue #9 · Xiaoyi-ing/CVE
Sourcecodester Doctor's Appointment System V1.0 admin/delete-appointment.php SQL injection NAME OF AFFECTED PRODUCT(S) Doctor's Appointment System V1.0 Vendor Homepage https://www.sourcecod...
CVE-2025-4818
A vulnerability was found in SourceCodester Doctor's Appointment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/delete-doctor.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
Sourcecodester Doctor's Appointment System V1.0 admin/delete-doctor.php SQL injection · Issue #10 · Xiaoyi-ing/CVE
Sourcecodester Doctor's Appointment System V1.0 admin/delete-doctor.php SQL injection NAME OF AFFECTED PRODUCT(S) Doctor's Appointment System V1.0 Vendor Homepage https://www.sourcecodester...
CVE-2024-51106
A cross-site scripting (XSS) vulnerability in the component mcgs/admin/aboutus.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the pagetitle parameter.
@cveNotify
GitHub
Writeups/CVE/phpGurukul/Medical Card Generation System/Stored XSS-About Us.pdf at main · 0xBhushan/Writeups
CVE-2025-5002
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_proposal_update_order.php. The manipulation of the argument order_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
Sourcecodester Client Database Management System V1.0 /user_proposal_update_order.php SQL injection · Issue #5 · laifeng-boy/cve
Sourcecodester Client Database Management System V1.0 /user_proposal_update_order.php SQL injection NAME OF AFFECTED PRODUCT(S) Client Database Management System Vendor Homepage https://www.sourcec...
CVE-2025-5003
A vulnerability has been found in projectworlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /semester_ajax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
Projectworlds Online Time Table Generator PHP MYSQL V1.0 /semester_ajax.php SQL injection · Issue #4 · huangyi234/CVE
Projectworlds Online Time Table Generator PHP MYSQL V1.0 /semester_ajax.php SQL injection NAME OF AFFECTED PRODUCT(S) Online Time Table Generator PHP MYSQL Vendor Homepage https://projectworlds.in/...
CVE-2025-4938
A vulnerability was found in PHPGurukul Employee Record Management System 1.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registererms.php. The manipulation of the argument Email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
PHPGurukul Employee Record Management System Project V1.3 registererms.php SQL injection · Issue #2 · WuYanneko/CVE
PHPGurukul Employee Record Management System Project V1.3 registererms.php SQL injection reporter wuyanneko Name of Affected Product(s) Employee Record Management System Vendor Homepage https://php...
CVE-2025-4939
A vulnerability classified as problematic was found in PHPGurukul Credit Card Application Management System 1.0. This vulnerability affects unknown code of the file /admin/new-ccapplication.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
credit-card-application-management-system-using-php-and-mysql/Stored Cross-Site Scripting (XSS).md at main · GIRISH05/credit-card…
CVE-2025-4941
A vulnerability, which was classified as critical, was found in PHPGurukul Credit Card Application Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
Credit-card-application-management-system/SQL-Injection.md at main · GIRISH05/Credit-card-application-management-system
CVE-2025-5077
A vulnerability was found in Campcodes Online Shopping Portal 1.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument Category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
campcodes Online Shopping Portal V1.0 /admin/edit-subcategory.php SQL injection · Issue #1 · GeniusWang23/CVE
campcodes Online Shopping Portal V1.0 /admin/edit-subcategory.php SQL injection NAME OF AFFECTED PRODUCT(S) Online Shopping Portal Vendor Homepage https://www.campcodes.com/projects/complete-online...
CVE-2025-5078
A vulnerability was found in Campcodes Online Shopping Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/subcategory.php. The manipulation of the argument Category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
campcodes Online Shopping Portal V1.0 /admin/subcategory.php SQL injection · Issue #2 · GeniusWang23/CVE
campcodes Online Shopping Portal V1.0 /admin/subcategory.php SQL injection NAME OF AFFECTED PRODUCT(S) Online Shopping Portal Vendor Homepage https://www.campcodes.com/projects/complete-online-shop...
CVE-2025-5079
A vulnerability was found in Campcodes Online Shopping Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/updateorder.php. The manipulation of the argument remark leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
campcodes Online Shopping Portal V1.0 /admin/updateorder.php SQL injection · Issue #1 · dico-Z/CVE
campcodes Online Shopping Portal V1.0 /admin/updateorder.php SQL injection NAME OF AFFECTED PRODUCT(S) Online Shopping Portal Vendor Homepage https://www.campcodes.com/projects/complete-online-shop...
CVE-2025-5056
A vulnerability was found in Campcodes Online Shopping Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-products.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
CVE 2025-5056 · Issue #1 · Jacob-z691/CVE
campcodes Online Shopping Portal V1.0 /admin/edit-products.php SQL injection NAME OF AFFECTED PRODUCT(S) Online Shopping Portal Vendor Homepage https://www.campcodes.com/projects/complete-online-sh...
CVE-2025-5057
A vulnerability was found in Campcodes Online Shopping Portal 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/insert-product.php. The manipulation of the argument Category leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
@cveNotify
GitHub
campcodes Online Shopping Portal V1.0 /admin/insert-product.php SQL injection · Issue #2 · Jacob-z691/CVE
campcodes Online Shopping Portal V1.0 /admin/insert-product.php SQL injection NAME OF AFFECTED PRODUCT(S) Online Shopping Portal Vendor Homepage https://www.campcodes.com/projects/complete-online-s...
CVE-2025-5059
A vulnerability classified as critical has been found in Campcodes Online Shopping Portal 1.0. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument productimage1/productimage2/productimage3 leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
@cveNotify
GitHub
File Upload vulnerability from campcodes Online Shopping Portal V1.0 · Issue #3 · snkercyber/CVE
File Upload vulnerability from campcodes Online Shopping Portal V1.0 (/admin/edit-subcategory.php) A vulnerability, which was classified as critical, was found in campcodes Online Shopping Portal 1...
CVE-2025-25025
IBM Security Guardium 12.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
@cveNotify
IBM
Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities.
IBM Guardium Data Protection has addressed these vulnerabilities in an update.
CVE-2025-25026
IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due to an incorrect authentication check.
@cveNotify
IBM
Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities.
IBM Guardium Data Protection has addressed these vulnerabilities in an update.
CVE-2025-25029
IBM Security Guardium 12.0 could allow a privileged user to download any file on the system due to improper escaping of input.
@cveNotify
IBM
Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities.
IBM Guardium Data Protection has addressed these vulnerabilities in an update.
CVE-2025-3710
The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability in firmware versions prior to v2.2.215, allowing unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
@cveNotify
CVE-2025-3711
The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability in firmware versions prior to v2.2.215, allowing unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
@cveNotify