Vendor CVEs
Angeljudesuarez
All CVEs
221 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13061 | Med | 0.41 | 6.3 | 0.00 | Nov 12, 2025 | A vulnerability was detected in itsourcecode Online Voting System 1.0. This impacts an unknown function of the file /index.php?page=manage_voting. Performing manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The exploit is now public… | ||
| CVE-2025-11597 | Med | 0.41 | 6.3 | 0.00 | Oct 11, 2025 | A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/product_add_qty.php. The manipulation of the argument prod_id leads to sql injection. The attack is possible to be carried out remotely. The… | ||
| CVE-2025-11511 | Med | 0.41 | 6.3 | 0.00 | Oct 8, 2025 | A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplier_add.php. Executing manipulation of the argument supp_email can lead to sql injection. The attack may be launched remotely. The exploit has been published… | ||
| CVE-2025-11509 | Med | 0.41 | 6.3 | 0.00 | Oct 8, 2025 | A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/product_add.php. Performing manipulation of the argument prod_name results in sql injection. The attack may be initiated remotely. The exploit is now public… | ||
| CVE-2025-11090 | Med | 0.41 | 6.3 | 0.00 | Sep 28, 2025 | A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected is an unknown function of the file /admin/employee/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly… | ||
| CVE-2025-11088 | Med | 0.41 | 6.3 | 0.00 | Sep 28, 2025 | A weakness has been identified in itsourcecode Open Source Job Portal 1.0. Impacted is an unknown function of the file /admin/vacancy/index.php?view=edit. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has… | ||
| CVE-2025-11078 | Med | 0.41 | 6.3 | 0.00 | Sep 27, 2025 | A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user/controller.php?action=photos. The manipulation of the argument photo leads to unrestricted upload. The attack is possible… | ||
| CVE-2025-11054 | Med | 0.41 | 6.3 | 0.00 | Sep 27, 2025 | A security vulnerability has been detected in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/category/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely.… | ||
| CVE-2025-11041 | Med | 0.41 | 6.3 | 0.00 | Sep 26, 2025 | A vulnerability has been found in itsourcecode Open Source Job Portal 1.0. Affected by this issue is some unknown functionality of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out… | ||
| CVE-2025-11038 | Med | 0.41 | 6.3 | 0.00 | Sep 26, 2025 | A weakness has been identified in itsourcecode Online Clinic Management System 1.0. Affected is an unknown function of the file /details.php?action=post. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has… | ||
| CVE-2025-10620 | Med | 0.41 | 6.3 | 0.00 | Sep 17, 2025 | A flaw has been found in itsourcecode Online Clinic Management System 1.0. This vulnerability affects unknown code of the file /editp2.php. Executing manipulation of the argument id/firstname/lastname/type/age/address can lead to sql injection. The attack can be executed… | ||
| CVE-2025-10618 | Med | 0.41 | 6.3 | 0.00 | Sep 17, 2025 | A security vulnerability has been detected in itsourcecode Online Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file transact.php. Such manipulation of the argument firstname leads to sql injection. The attack may be launched remotely.… | ||
| CVE-2025-10616 | Med | 0.41 | 6.3 | 0.00 | Sep 17, 2025 | A security flaw has been discovered in itsourcecode E-Commerce Website 1.0. Affected is an unknown function of the file /admin/users.php. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been released to the public and may be… | ||
| CVE-2025-10615 | Med | 0.41 | 6.3 | 0.00 | Sep 17, 2025 | A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit is publicly available and might be used. | ||
| CVE-2025-10197 | Med | 0.41 | 6.3 | 0.00 | Sep 10, 2025 | A vulnerability was found in HJSoft HCM Human Resources Management System up to 20250822. Affected by this vulnerability is an unknown functionality of the file /templates/attestation/../../selfservice/lawresource/downlawbase. Performing manipulation of the argument ID results… | ||
| CVE-2025-9840 | Med | 0.41 | 6.3 | 0.00 | Sep 2, 2025 | A weakness has been identified in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/gametype.php. Executing manipulation of the argument code can lead to sql injection. The attack can be executed remotely. The exploit has… | ||
| CVE-2025-8135 | Med | 0.41 | 6.3 | 0.00 | Jul 25, 2025 | A vulnerability, which was classified as critical, has been found in itsourcecode Insurance Management System 1.0. This issue affects some unknown processing of the file /updateAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be… | ||
| CVE-2025-7905 | Med | 0.41 | 6.3 | 0.00 | Jul 20, 2025 | A vulnerability has been found in itsourcecode Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /insertPayment.php. The manipulation of the argument recipt_no leads to sql injection. The attack can be initiated… | ||
| CVE-2025-7904 | Med | 0.41 | 6.3 | 0.00 | Jul 20, 2025 | A vulnerability, which was classified as critical, was found in itsourcecode Insurance Management System 1.0. This affects an unknown part of the file /insertNominee.php. The manipulation of the argument nominee_id leads to sql injection. It is possible to initiate the attack… | ||
| CVE-2025-7212 | Med | 0.41 | 6.3 | 0.00 | Jul 9, 2025 | A vulnerability was found in itsourcecode Insurance Management System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be initiated… | ||
| CVE-2026-3487 | Med | 0.31 | 4.7 | 0.00 | Mar 3, 2026 | A vulnerability was found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/class-result.php. Performing a manipulation of the argument course_code results in sql injection. The attack can be initiated remotely. The… | ||
| CVE-2026-3486 | Med | 0.31 | 4.7 | 0.00 | Mar 3, 2026 | A vulnerability has been found in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /admin/student-fee.php. Such manipulation of the argument roll_no leads to sql injection. It is possible to launch the attack remotely. The exploit… | ||
| CVE-2026-3982 | Med | 0.28 | 4.3 | 0.00 | Mar 12, 2026 | A vulnerability was determined in itsourcecode University Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_result.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack can be executed… | ||
| CVE-2026-3812 | Med | 0.28 | 4.3 | 0.00 | Mar 9, 2026 | A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manage_employee_allowances.php. This manipulation of the argument ID causes cross site scripting. The attack is possible to be carried out remotely. The… | ||
| CVE-2026-3412 | Med | 0.28 | 4.3 | 0.00 | Mar 2, 2026 | A vulnerability was detected in itsourcecode University Management System 1.0. This affects an unknown part of the file /att_single_view.php. The manipulation of the argument dt results in cross site scripting. The attack can be executed remotely. The exploit is now public and… | ||
| CVE-2026-1135 | Med | 0.28 | 4.3 | 0.00 | Jan 19, 2026 | A security flaw has been discovered in itsourcecode Society Management System 1.0. This impacts an unknown function of the file /admin/activity.php. The manipulation of the argument Title results in cross site scripting. The attack may be launched remotely. The exploit has been… | ||
| CVE-2026-1134 | Med | 0.28 | 4.3 | 0.00 | Jan 19, 2026 | A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown function of the file /admin/expenses.php. The manipulation of the argument detail leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly… | ||
| CVE-2025-12335 | Med | 0.28 | 4.3 | 0.00 | Oct 28, 2025 | A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplier_update.php. This manipulation of the argument supp_name/supp_address causes cross site scripting. The attack can be… | ||
| CVE-2025-12334 | Med | 0.28 | 4.3 | 0.00 | Oct 27, 2025 | A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/product_add.php. The manipulation of the argument prod_name/prod_desc/prod_cost results in cross site scripting. It is possible to launch the attack remotely.… | ||
| CVE-2025-12333 | Med | 0.28 | 4.3 | 0.00 | Oct 27, 2025 | A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplier_add.php. The manipulation of the argument supp_name/supp_address leads to cross site scripting. It is possible to initiate the attack remotely.… | ||
| CVE-2025-11119 | Med | 0.28 | 4.3 | 0.00 | Sep 28, 2025 | A security flaw has been discovered in itsourcecode Hostel Management System 1.0. Impacted is an unknown function of the file /justines/index.php of the component POST Request Handler. Performing manipulation of the argument from results in cross site scripting. It is possible… | ||
| CVE-2026-1421 | Low | 0.23 | 3.5 | 0.00 | Jan 26, 2026 | A vulnerability has been found in code-projects Online Examination System 1.0. Affected is an unknown function of the component Add Pages. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may… | ||
| CVE-2026-4474 | Low | 0.16 | 2.4 | 0.00 | Mar 20, 2026 | A flaw has been found in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /admin_single_student_update.php. This manipulation of the argument st_name causes cross site scripting. The attack may be initiated remotely. The exploit has been… | ||
| CVE-2026-4356 | Low | 0.16 | 2.4 | 0.00 | Mar 18, 2026 | A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /add_result.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack may be launched remotely. The exploit has been published… | ||
| CVE-2020-23935 | 0.04 | — | 0.16 | Aug 20, 2020 | Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'# && Password: (Write Something)". | |||
| CVE-2026-26464 | 0.00 | — | 0.00 | Feb 23, 2026 | Stored Cross-Site Scripting (XSS) was found in the /admin/edit_user.php page of Society Management System Portal V1.0, which allows remote attackers to inject and store arbitrary JavaScript code that is executed in users' browsers. This vulnerability can be exploited via the… | |||
| CVE-2026-2173 | 0.00 | — | 0.00 | Feb 8, 2026 | A vulnerability was identified in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. | |||
| CVE-2025-65380 | 0.00 | — | 0.00 | Dec 2, 2025 | PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the admin/index.php endpoint. Specifically, the username parameter accepts unvalidated user input, which is then concatenated directly into a backend SQL query. | |||
| CVE-2025-65379 | 0.00 | — | 0.00 | Dec 2, 2025 | PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the /admin/password-recovery.php endpoint. Specifically, the username and mobileno parameters accepts unvalidated user input, which is then concatenated directly into a backend SQL query. | |||
| CVE-2025-40685 | 0.00 | — | 0.00 | Jul 29, 2025 | Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searcstate' parameter in/state.php. | |||
| CVE-2025-40684 | 0.00 | — | 0.00 | Jul 29, 2025 | Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searccountry' parameter in/country.php. | |||
| CVE-2025-40682 | 0.00 | — | 0.00 | Jul 29, 2025 | SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the “city” and “state” parameters in the /controller/ccity.php endpoint. | |||
| CVE-2025-4706 | 0.00 | — | 0.00 | May 15, 2025 | A vulnerability was found in projectworlds Online Examination System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /Procedure3b_yearwiseVisit.php. The manipulation of the argument Visit_year leads to sql injection. The attack can be… | |||
| CVE-2025-4058 | 0.00 | — | 0.00 | Apr 29, 2025 | A vulnerability classified as critical has been found in Projectworlds Online Examination System 1.0. This affects an unknown part of the file /Bloodgroop_process.php. The manipulation of the argument Pat_BloodGroup1 leads to sql injection. It is possible to initiate the attack… | |||
| CVE-2025-4034 | 0.00 | — | 0.00 | Apr 28, 2025 | A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inser_doc_process.php. The manipulation of the argument Doc_ID leads to sql injection. The attack can be… | |||
| CVE-2025-3384 | 0.00 | — | 0.00 | Apr 7, 2025 | A vulnerability was found in 1000 Projects Human Resource Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /controller/employee.php. The manipulation of the argument email leads to sql injection. It is possible to launch the… | |||
| CVE-2025-2590 | 0.00 | — | 0.00 | Mar 21, 2025 | A vulnerability was found in code-projects Human Resource Management System 1.0.1. It has been classified as problematic. Affected is the function UpdateRecruitmentById of the file \handler\recruitment.go. The manipulation of the argument c leads to cross site scripting. It is… | |||
| CVE-2025-2589 | 0.00 | — | 0.00 | Mar 21, 2025 | A vulnerability was found in code-projects Human Resource Management System 1.0.1 and classified as critical. This issue affects the function Index of the file \handler\Account.go. The manipulation of the argument user_cookie leads to improper authorization. The exploit has been… | |||
| CVE-2024-13006 | 0.00 | — | 0.01 | Dec 29, 2024 | A vulnerability, which was classified as critical, has been found in 1000 Projects Human Resource Management System 1.0. This issue affects some unknown processing of the file /employeeview.php. The manipulation of the argument search leads to sql injection. The attack may be… | |||
| CVE-2024-12884 | 0.00 | — | 0.01 | Dec 21, 2024 | A vulnerability was found in Codezips E-Commerce Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The… |
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in itsourcecode Online Voting System 1.0. This impacts an unknown function of the file /index.php?page=manage_voting. Performing manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The exploit is now public…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/product_add_qty.php. The manipulation of the argument prod_id leads to sql injection. The attack is possible to be carried out remotely. The…
- risk 0.41cvss 6.3epss 0.00
A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplier_add.php. Executing manipulation of the argument supp_email can lead to sql injection. The attack may be launched remotely. The exploit has been published…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/product_add.php. Performing manipulation of the argument prod_name results in sql injection. The attack may be initiated remotely. The exploit is now public…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected is an unknown function of the file /admin/employee/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in itsourcecode Open Source Job Portal 1.0. Impacted is an unknown function of the file /admin/vacancy/index.php?view=edit. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user/controller.php?action=photos. The manipulation of the argument photo leads to unrestricted upload. The attack is possible…
- risk 0.41cvss 6.3epss 0.00
A security vulnerability has been detected in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/category/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely.…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in itsourcecode Open Source Job Portal 1.0. Affected by this issue is some unknown functionality of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in itsourcecode Online Clinic Management System 1.0. Affected is an unknown function of the file /details.php?action=post. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has…
- risk 0.41cvss 6.3epss 0.00
A flaw has been found in itsourcecode Online Clinic Management System 1.0. This vulnerability affects unknown code of the file /editp2.php. Executing manipulation of the argument id/firstname/lastname/type/age/address can lead to sql injection. The attack can be executed…
- risk 0.41cvss 6.3epss 0.00
A security vulnerability has been detected in itsourcecode Online Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file transact.php. Such manipulation of the argument firstname leads to sql injection. The attack may be launched remotely.…
- risk 0.41cvss 6.3epss 0.00
A security flaw has been discovered in itsourcecode E-Commerce Website 1.0. Affected is an unknown function of the file /admin/users.php. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been released to the public and may be…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit is publicly available and might be used.
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in HJSoft HCM Human Resources Management System up to 20250822. Affected by this vulnerability is an unknown functionality of the file /templates/attestation/../../selfservice/lawresource/downlawbase. Performing manipulation of the argument ID results…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/gametype.php. Executing manipulation of the argument code can lead to sql injection. The attack can be executed remotely. The exploit has…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as critical, has been found in itsourcecode Insurance Management System 1.0. This issue affects some unknown processing of the file /updateAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in itsourcecode Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /insertPayment.php. The manipulation of the argument recipt_no leads to sql injection. The attack can be initiated…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as critical, was found in itsourcecode Insurance Management System 1.0. This affects an unknown part of the file /insertNominee.php. The manipulation of the argument nominee_id leads to sql injection. It is possible to initiate the attack…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in itsourcecode Insurance Management System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be initiated…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/class-result.php. Performing a manipulation of the argument course_code results in sql injection. The attack can be initiated remotely. The…
- risk 0.31cvss 4.7epss 0.00
A vulnerability has been found in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /admin/student-fee.php. Such manipulation of the argument roll_no leads to sql injection. It is possible to launch the attack remotely. The exploit…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was determined in itsourcecode University Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_result.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack can be executed…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manage_employee_allowances.php. This manipulation of the argument ID causes cross site scripting. The attack is possible to be carried out remotely. The…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was detected in itsourcecode University Management System 1.0. This affects an unknown part of the file /att_single_view.php. The manipulation of the argument dt results in cross site scripting. The attack can be executed remotely. The exploit is now public and…
- risk 0.28cvss 4.3epss 0.00
A security flaw has been discovered in itsourcecode Society Management System 1.0. This impacts an unknown function of the file /admin/activity.php. The manipulation of the argument Title results in cross site scripting. The attack may be launched remotely. The exploit has been…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown function of the file /admin/expenses.php. The manipulation of the argument detail leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplier_update.php. This manipulation of the argument supp_name/supp_address causes cross site scripting. The attack can be…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/product_add.php. The manipulation of the argument prod_name/prod_desc/prod_cost results in cross site scripting. It is possible to launch the attack remotely.…
- risk 0.28cvss 4.3epss 0.00
A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplier_add.php. The manipulation of the argument supp_name/supp_address leads to cross site scripting. It is possible to initiate the attack remotely.…
- risk 0.28cvss 4.3epss 0.00
A security flaw has been discovered in itsourcecode Hostel Management System 1.0. Impacted is an unknown function of the file /justines/index.php of the component POST Request Handler. Performing manipulation of the argument from results in cross site scripting. It is possible…
- risk 0.23cvss 3.5epss 0.00
A vulnerability has been found in code-projects Online Examination System 1.0. Affected is an unknown function of the component Add Pages. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may…
- risk 0.16cvss 2.4epss 0.00
A flaw has been found in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /admin_single_student_update.php. This manipulation of the argument st_name causes cross site scripting. The attack may be initiated remotely. The exploit has been…
- risk 0.16cvss 2.4epss 0.00
A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /add_result.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack may be launched remotely. The exploit has been published…
- CVE-2020-23935Aug 20, 2020risk 0.04cvss —epss 0.16
Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'# && Password: (Write Something)".
- CVE-2026-26464Feb 23, 2026risk 0.00cvss —epss 0.00
Stored Cross-Site Scripting (XSS) was found in the /admin/edit_user.php page of Society Management System Portal V1.0, which allows remote attackers to inject and store arbitrary JavaScript code that is executed in users' browsers. This vulnerability can be exploited via the…
- CVE-2026-2173Feb 8, 2026risk 0.00cvss —epss 0.00
A vulnerability was identified in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely.
- CVE-2025-65380Dec 2, 2025risk 0.00cvss —epss 0.00
PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the admin/index.php endpoint. Specifically, the username parameter accepts unvalidated user input, which is then concatenated directly into a backend SQL query.
- CVE-2025-65379Dec 2, 2025risk 0.00cvss —epss 0.00
PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the /admin/password-recovery.php endpoint. Specifically, the username and mobileno parameters accepts unvalidated user input, which is then concatenated directly into a backend SQL query.
- CVE-2025-40685Jul 29, 2025risk 0.00cvss —epss 0.00
Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searcstate' parameter in/state.php.
- CVE-2025-40684Jul 29, 2025risk 0.00cvss —epss 0.00
Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searccountry' parameter in/country.php.
- CVE-2025-40682Jul 29, 2025risk 0.00cvss —epss 0.00
SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the “city” and “state” parameters in the /controller/ccity.php endpoint.
- CVE-2025-4706May 15, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in projectworlds Online Examination System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /Procedure3b_yearwiseVisit.php. The manipulation of the argument Visit_year leads to sql injection. The attack can be…
- CVE-2025-4058Apr 29, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in Projectworlds Online Examination System 1.0. This affects an unknown part of the file /Bloodgroop_process.php. The manipulation of the argument Pat_BloodGroup1 leads to sql injection. It is possible to initiate the attack…
- CVE-2025-4034Apr 28, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inser_doc_process.php. The manipulation of the argument Doc_ID leads to sql injection. The attack can be…
- CVE-2025-3384Apr 7, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in 1000 Projects Human Resource Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /controller/employee.php. The manipulation of the argument email leads to sql injection. It is possible to launch the…
- CVE-2025-2590Mar 21, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in code-projects Human Resource Management System 1.0.1. It has been classified as problematic. Affected is the function UpdateRecruitmentById of the file \handler\recruitment.go. The manipulation of the argument c leads to cross site scripting. It is…
- CVE-2025-2589Mar 21, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in code-projects Human Resource Management System 1.0.1 and classified as critical. This issue affects the function Index of the file \handler\Account.go. The manipulation of the argument user_cookie leads to improper authorization. The exploit has been…
- CVE-2024-13006Dec 29, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in 1000 Projects Human Resource Management System 1.0. This issue affects some unknown processing of the file /employeeview.php. The manipulation of the argument search leads to sql injection. The attack may be…
- CVE-2024-12884Dec 21, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Codezips E-Commerce Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The…
Page 3 of 5