CWE-74: Injection

This SQL injection vulnerability in SourceCodester Wedding Reservation Management System 1.0 allows remote attackers to execute arbitrary SQL commands...

This SQL injection vulnerability in SourceCodester Simple E-Commerce Bookstore 1.0 allows attackers to manipulate database queries through the login_u...

Advanced Library Management System 1.0 contains a SQL injection vulnerability in the view_member.php file through the user_id parameter. Attackers can...

This SQL injection vulnerability in SourceCodester Hotel and Lodge Management System 1.0 allows attackers to manipulate database queries through the /...

This vulnerability allows remote attackers to execute arbitrary SQL commands via the 'currsymbol' parameter in the /edit_curr.php file of SourceCodest...

CVE-2025-11434 is an SQL injection vulnerability in itsourcecode Student Transcript Processing System 1.0 that allows attackers to manipulate database...

This vulnerability allows remote attackers to execute SQL injection attacks via the Username parameter in the /admin/login.php file of Campcodes Advan...

This vulnerability allows remote attackers to execute SQL injection attacks via the 'delid' parameter in the /admin/customer-list.php file of PHPGuruk...

An SQL injection vulnerability exists in SourceCodester Hotel and Lodge Management System 1.0's login.php file via the email parameter. This allows re...

This SQL injection vulnerability in Simple Food Ordering System 1.0 allows remote attackers to execute arbitrary SQL commands via the Category paramet...

This vulnerability allows remote attackers to execute arbitrary SQL commands via the searchdata parameter in /search-visitor.php in Campcodes Online A...

This vulnerability allows unauthenticated SQL injection in the Student Crud Operation 3.3 software via the delete.php file. Attackers can manipulate t...

Campcodes Online Apartment Visitor Management System 1.0 contains a SQL injection vulnerability in the /visitor-detail.php file through the editid par...

This SQL injection vulnerability in code-projects Online Course Registration 1.0 allows attackers to manipulate database queries through the ID parame...

This CVE describes a SQL injection vulnerability in Tipray's Data Leakage Prevention System version 1.0. Attackers can exploit the findCategoryPage.do...

This vulnerability allows remote attackers to execute arbitrary SQL commands via the 'sort' parameter in the findRolePage function of Tipray Data Leak...

This CVE describes a SQL injection vulnerability in Tipray's Data Leakage Prevention System version 1.0. Attackers can exploit the findUserPage.do end...

This CVE describes a SQL injection vulnerability in Tipray Data Leakage Prevention System 1.0. Attackers can remotely exploit the findModulePage.do en...

This SQL injection vulnerability in Tipray Data Leakage Prevention System allows attackers to execute arbitrary SQL commands by manipulating the 'sort...

This CVE describes a SQL injection vulnerability in Tipray Data Leakage Prevention System 1.0. Attackers can remotely exploit the 'sort' parameter in ...

This vulnerability allows remote attackers to execute arbitrary SQL commands via the starttime/endtime parameters in the /addtime.php file of Simple S...

This SQL injection vulnerability in Campcodes Advanced Online Voting Management System 1.0 allows attackers to manipulate database queries through the...

This SQL injection vulnerability in Campcodes Computer Sales and Inventory System 1.0 allows attackers to manipulate database queries through the /pag...

This vulnerability allows remote attackers to execute arbitrary SQL commands via the 'corcode' parameter in the /schedulingsystem/addcourse.php file i...

CVE-2025-11105 is an SQL injection vulnerability in code-projects Simple Scheduling System 1.0 affecting the /schedulingsystem/addsubject.php file. At...

CVE-2025-11101 is a SQL injection vulnerability in itsourcecode Open Source Job Portal 1.0 that allows remote attackers to execute arbitrary SQL comma...

This SQL injection vulnerability in code-projects E-Commerce Website 1.0 allows attackers to manipulate database queries through the prod_id parameter...

This CVE describes a SQL injection vulnerability in kidaze CourseSelectionSystem that allows remote attackers to execute arbitrary SQL commands via ma...

This SQL injection vulnerability in Campcodes Online Learning Management System 1.0 allows attackers to manipulate database queries through the depart...

This SQL injection vulnerability in Project Monitoring System 1.0 allows attackers to execute arbitrary SQL commands through the login form. Attackers...

Projectworlds Online Shopping System 1.0 contains a SQL injection vulnerability in the /store/cart_add.php file that allows remote attackers to execut...

This SQL injection vulnerability in Campcodes Online Learning Management System 1.0 allows attackers to execute arbitrary SQL commands via the 'depart...

Campcodes Online Learning Management System 1.0 contains a SQL injection vulnerability in the /admin/save_student.php file via the class_id parameter....

This vulnerability allows remote attackers to execute SQL injection attacks against SourceCodester Pet Grooming Management Software 1.0 via the ID par...

This vulnerability allows remote attackers to execute SQL injection attacks against SourceCodester Online Hotel Reservation System 1.0 via the 'addres...

CVE-2025-11053 is a SQL injection vulnerability in PHPGurukul Small CRM 4.0's password reset function. Attackers can exploit the 'email' parameter in ...

CVE-2025-11052 is a SQL injection vulnerability in kidaze CourseSelectionSystem 1.0 that allows remote attackers to execute arbitrary SQL commands via...

This vulnerability allows remote attackers to execute arbitrary commands on WAYOS LQ series devices by manipulating the Name parameter in the /usb_pas...

Campcodes Computer Sales and Inventory System 1.0 contains a SQL injection vulnerability in the /pages/us_edit1.php file via the ID parameter. This al...

This SQL injection vulnerability in code-projects E-Commerce Website 1.0 allows remote attackers to execute arbitrary SQL commands via the user_id par...

This vulnerability allows remote attackers to execute SQL injection attacks against kidaze CourseSelectionSystem by manipulating the CPU parameter in ...

This CVE describes a SQL injection vulnerability in the JackieDYH Resume-management-system's /admin/show.php file via the userid parameter. Attackers ...

This CVE describes a SQL injection vulnerability in MuFen-mker PHP-Usermm software affecting the /chkuser.php endpoint. Attackers can manipulate the U...

CVE-2025-10857 is an SQL injection vulnerability in Campcodes Point of Sale System POS 1.0 that allows attackers to manipulate database queries throug...

CVE-2025-10851 is an SQL injection vulnerability in Campcodes Gym Management System 1.0 that allows remote attackers to execute arbitrary SQL commands...

CVE-2025-10843 is an SQL injection vulnerability in Reservation Online Hotel Reservation System 1.0 that allows remote attackers to execute arbitrary ...

This SQL injection vulnerability in code-projects Online Bidding System 1.0 allows attackers to manipulate database queries through the ID parameter i...

This vulnerability allows remote attackers to execute SQL injection attacks against SourceCodester Pet Grooming Management Software 1.0 via the ID par...

CVE-2025-10833 is an SQL injection vulnerability in the 1000projects Bookstore Management System 1.0 login.php file that allows remote attackers to ex...

Campcodes Computer Sales and Inventory System 1.0 contains a SQL injection vulnerability in the /pages/sup_edit1.php file through manipulation of the ...