CWE-74: Injection

This SQL injection vulnerability in Currency Exchange System 1.0 allows attackers to execute arbitrary SQL commands through the ID parameter in /edit....

CVE-2025-14210 is an SQL injection vulnerability in Advanced Library Management System 1.0 that allows remote attackers to execute arbitrary SQL comma...

CVE-2025-14211 is a SQL injection vulnerability in Advanced Library Management System 1.0 that allows attackers to manipulate database queries via the...

This CVE describes a SQL injection vulnerability in Advanced Library Management System 1.0's member_search.php file. Attackers can manipulate the roll...

Campcodes School File Management System 1.0 contains a SQL injection vulnerability in the /update_query.php file via the stud_id parameter. This allow...

This CVE describes a SQL injection vulnerability in the Hotel-Management-System's invoiceprint.php file where the ID parameter can be manipulated. Att...

This CVE describes a SQL injection vulnerability in the RashminDungrani online-banking application's login functionality. Attackers can manipulate the...

This SQL injection vulnerability in Chanjet TPlus allows remote attackers to execute arbitrary SQL commands via the 'currentAccId' parameter in the Mu...

This CVE describes a SQL injection vulnerability in Chanjet CRM through version 20251121. Attackers can exploit the gblOrgID parameter in /tools/jxf_d...

This CVE describes a SQL injection vulnerability in TrippWasTaken PHP-Guitar-Shop that allows remote attackers to execute arbitrary SQL commands via t...

This vulnerability allows remote attackers to execute arbitrary code on Qualitor systems by manipulating the 'passageiros' parameter in the /html/st/s...

This CVE describes a SQL injection vulnerability in Chanjet CRM's /tools/upgradeattribute.php file, specifically in the gblOrgID parameter. Attackers ...

This CVE describes a remote code injection vulnerability in taosir WTCMS that allows attackers to execute arbitrary code by manipulating the 'content'...

This CVE describes an SQL injection vulnerability in taosir WTCMS's SlideController component. Attackers can exploit this to execute arbitrary SQL com...

CVE-2025-13585 is a SQL injection vulnerability in itsourcecode COVID Tracking System 1.0 that allows attackers to execute arbitrary SQL commands via ...

This vulnerability allows remote attackers to execute SQL injection attacks against Question Paper Generator 1.0 by manipulating the Fname parameter i...

CVE-2025-13582 is a SQL injection vulnerability in Jonnys Liquor 1.0 that allows attackers to execute arbitrary SQL commands through the Product param...

CVE-2025-13578 is an SQL injection vulnerability in code-projects Library System 1.0 that allows attackers to manipulate database queries through the ...

This SQL injection vulnerability in Advanced Library Management System 1.0 allows attackers to manipulate database queries through the admin_id parame...

This vulnerability allows remote attackers to execute SQL injection attacks against SourceCodester Company Website CMS 1.0 through the Username parame...

This vulnerability allows remote attackers to execute arbitrary commands on D-Link DIR-852 routers by exploiting a command injection flaw in the /gena...

Campcodes Online Polling System 1.0 contains a SQL injection vulnerability in the /registeracc.php file's email parameter. This allows remote attacker...

This SQL injection vulnerability in SourceCodester Company Website CMS 1.0 allows attackers to manipulate database queries through the email parameter...

CVE-2025-13556 is an SQL injection vulnerability in Campcodes Online Polling System 1.0 that allows remote attackers to execute arbitrary SQL commands...

Campcodes School File Management System 1.0 contains a SQL injection vulnerability in the login component's stud_no parameter. Attackers can remotely ...

Campcodes Supplier Management System 1.0 contains a SQL injection vulnerability in the login component's username parameter. Attackers can remotely ex...

CVE-2025-13485 is an SQL injection vulnerability in itsourcecode Online File Management System 1.0 that allows attackers to execute arbitrary SQL comm...

This SQL injection vulnerability in SourceCodester Online Shop Project 1.0 allows attackers to manipulate database queries through the Search paramete...

This CVE describes a command injection vulnerability in UTT 进取 750W devices up to version 3.2.2-191225. Attackers can remotely execute arbitrary c...

This SQL injection vulnerability in code-projects Online Shop Project 1.0 allows attackers to manipulate database queries through the password paramet...

This is an SQL injection vulnerability in freeprojectscodes Sports Club Management System 1.0 that allows remote attackers to execute arbitrary SQL co...

This is an SQL injection vulnerability in itsourcecode Human Resource Management System 1.0 that allows attackers to execute arbitrary SQL commands th...

CVE-2025-13420 is a SQL injection vulnerability in itsourcecode Human Resource Management System 1.0 that allows remote attackers to execute arbitrary...

This SQL injection vulnerability in Campcodes Retro Basketball Shoes Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via th...

This CVE describes a SQL injection vulnerability in the Login function of codehub666 94list software. Attackers can remotely exploit this flaw to exec...

This vulnerability allows remote attackers to execute arbitrary SQL commands via the Username parameter in the /ajax.php?action=login endpoint of Sour...

This SQL injection vulnerability in Simple Pizza Ordering System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in...

This SQL injection vulnerability in itsourcecode Web-Based Internet Laboratory Management System 1.0 allows attackers to execute arbitrary SQL command...

This SQL injection vulnerability in itsourcecode Web-Based Internet Laboratory Management System 1.0 allows remote attackers to execute arbitrary SQL ...

CVE-2025-13298 is a SQL injection vulnerability in itsourcecode Web-Based Internet Laboratory Management System 1.0 that allows remote attackers to ex...

This vulnerability allows remote attackers to execute SQL injection attacks against itsourcecode Web-Based Internet Laboratory Management System 1.0 t...

This SQL injection vulnerability in itsourcecode Web-Based Internet Laboratory Management System 1.0 allows remote attackers to execute arbitrary SQL ...

CVE-2025-13291 is a SQL injection vulnerability in Campcodes Supplier Management System 1.0 that allows remote attackers to execute arbitrary SQL comm...

CVE-2025-13285 is an SQL injection vulnerability in itsourcecode Online Voting System 1.0 that allows attackers to manipulate database queries via the...

CVE-2025-13280 is an SQL injection vulnerability in CodeAstro Simple Inventory System 1.0 that allows attackers to manipulate database queries through...

CVE-2025-13277 is a SQL injection vulnerability in Nero Social Networking Site 1.0 that allows remote attackers to execute arbitrary SQL commands via ...

This SQL injection vulnerability in g33kyrash Online-Banking-System allows attackers to manipulate database queries through the Username parameter in ...

This SQL injection vulnerability in Campcodes School Fees Payment Management System 1.0 allows attackers to execute arbitrary SQL commands through the...

Campcodes School Fees Payment Management System 1.0 contains a SQL injection vulnerability in the login function via the Username parameter. This allo...

This SQL injection vulnerability in itsourcecode Inventory Management System 1.0 allows remote attackers to execute arbitrary SQL commands through the...