CWE-74: Injection

CVE-2025-13581 is an SQL injection vulnerability in itsourcecode Student Information System 1.0 that allows remote attackers to execute arbitrary SQL ...

This SQL injection vulnerability in code-projects Library System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in...

CVE-2025-13580 is a SQL injection vulnerability in code-projects Library System 1.0 affecting the /mail.php file. Attackers can remotely exploit this ...

This SQL injection vulnerability in code-projects Blog Site 1.0 allows attackers to manipulate database queries through the category_exists function. ...

This vulnerability allows remote attackers to execute SQL injection attacks against Simple Food Ordering System 1.0 by manipulating the ID parameter i...

This CVE describes a SQL injection vulnerability in the itsourcecode COVID Tracking System 1.0. Attackers can exploit this by manipulating the ID para...

CVE-2025-13568 is a SQL injection vulnerability in itsourcecode COVID Tracking System 1.0 that allows remote attackers to execute arbitrary SQL comman...

CVE-2025-13569 is an SQL injection vulnerability in itsourcecode COVID Tracking System 1.0 that allows attackers to manipulate database queries throug...

CVE-2025-13567 is a SQL injection vulnerability in itsourcecode COVID Tracking System 1.0 that allows remote attackers to execute arbitrary SQL comman...

This CVE describes a SQL injection vulnerability in the ashraf-kabir travel-agency software's search functionality. Attackers can remotely exploit the...

CVE-2025-13396 is a SQL injection vulnerability in code-projects Courier Management System 1.0 that allows attackers to manipulate database queries th...

This SQL injection vulnerability in SourceCodester Train Station Ticketing System 1.0 allows attackers to manipulate database queries via the /ajax.ph...

This CVE describes a command injection vulnerability in D-Link routers that allows attackers to execute arbitrary commands on affected devices by mani...

CVE-2025-13325 is a SQL injection vulnerability in itsourcecode Student Information System 1.0 that allows remote attackers to execute arbitrary SQL c...

This CVE describes a SQL injection vulnerability in the Courier Management System 1.0 by code-projects. Attackers can remotely exploit the /search-edi...

This SQL injection vulnerability in Simple Food Ordering System 1.0 allows attackers to manipulate database queries through the /saveorder.php endpoin...

This vulnerability allows remote attackers to execute arbitrary SQL commands via the SubCode parameter in the SubjectDetails.php file of the 1000proje...

CVE-2025-13287 is a SQL injection vulnerability in itsourcecode Online Voting System 1.0 that allows remote attackers to execute arbitrary SQL command...

CVE-2025-13286 is an SQL injection vulnerability in itsourcecode Online Voting System 1.0 that allows attackers to manipulate database queries through...

CVE-2025-13279 is an SQL injection vulnerability in Nero Social Networking Site 1.0 that allows remote attackers to execute arbitrary SQL commands via...

This SQL injection vulnerability in Advanced Library Management System 1.0 allows attackers to manipulate database queries through the datefrom/dateto...

Campcodes School Fees Payment Management System 1.0 contains a SQL injection vulnerability in the /ajax.php?action=delete_fees endpoint via the ID par...

CVE-2025-13273 is a SQL injection vulnerability in Campcodes School Fees Payment Management System 1.0 that allows remote attackers to execute arbitra...

This vulnerability allows remote attackers to execute injection attacks through the JDBC URL handler in Dromara dataCompare. The flaw exists in the Db...

This vulnerability allows remote attackers to execute SQL injection attacks against Campcodes School Fees Payment Management System 1.0 via the /ajax....

This vulnerability allows remote attackers to execute arbitrary SQL commands via the ID parameter in the /ajax.php?action=save_course endpoint in Camp...

This vulnerability allows remote attackers to execute SQL injection attacks against the Dental Clinic Appointment Reservation System 1.0 by manipulati...

This vulnerability allows remote attackers to execute SQL injection attacks against SourceCodester Online Magazine Management System 1.0 via the ID pa...

This CVE describes an SQL injection vulnerability in SourceCodester Online Magazine Management System 1.0. Attackers can exploit the 'c' parameter in ...

Campcodes Supplier Management System 1.0 contains a SQL injection vulnerability in the manufacturer/edit_product.php file via the cmbProductUnit param...

CVE-2025-13259 is a SQL injection vulnerability in Campcodes Supplier Management System 1.0 that allows attackers to execute arbitrary SQL commands vi...

This CVE describes a SQL injection vulnerability in the Advanced Library Management System 1.0 by projectworlds. Attackers can exploit the roll_number...

This SQL injection vulnerability in Advanced Library Management System 1.0 allows attackers to manipulate database queries through the roll_number par...

This SQL injection vulnerability in Advanced Library Management System 1.0 allows attackers to manipulate database queries through the book_search.php...

This SQL injection vulnerability in Advanced Library Management System 1.0 allows attackers to manipulate database queries through the Username parame...

This CVE describes a SQL injection vulnerability in WeiYe-Jing datax-web versions up to 2.1.2. Attackers can execute arbitrary SQL commands remotely, ...

This SQL injection vulnerability in code-projects Student Information System 2.0 allows attackers to execute arbitrary SQL commands through the /editp...

This SQL injection vulnerability in itsourcecode Inventory Management System 1.0 allows attackers to manipulate database queries through the ID parame...

This CVE describes a SQL injection vulnerability in itsourcecode Inventory Management System 1.0. Attackers can remotely exploit the /index.php?q=prod...

This SQL injection vulnerability in ZZCMS 2023 allows remote attackers to execute arbitrary SQL commands through the 'keyword' parameter in /admin/wan...

This CVE describes a SQL injection vulnerability in CodeAstro Gym Management System 1.0 that allows attackers to manipulate database queries through t...

This SQL injection vulnerability in ury-erp allows attackers to manipulate database queries through the search_term parameter in the overrided_past_or...

This CVE describes a SQL injection vulnerability in AMTT Hotel Broadband Operation System 1.0. Attackers can remotely exploit the /user/portal/get_fir...

This vulnerability allows remote attackers to execute arbitrary SQL commands on SourceCodester Alumni Management System 1.0 through SQL injection in t...

Campcodes School Fees Payment Management System 1.0 contains a SQL injection vulnerability in the /ajax.php?action=save_student endpoint via the ID pa...

This SQL injection vulnerability in SourceCodester Farm Management System 1.0 allows attackers to manipulate database queries through the /review.php ...

This vulnerability allows remote attackers to execute arbitrary commands on Sangfor Operation and Maintenance Security Management System 3.0 through c...

This CVE describes an SQL injection vulnerability in shawon100 RUET OJ's /details.php file through manipulation of the ID parameter. Remote attackers ...

This SQL injection vulnerability in shawon100 RUET OJ allows attackers to manipulate database queries via the Name parameter in /contestproblem.php. A...

This SQL injection vulnerability in RUET OJ's /description.php file allows remote attackers to manipulate database queries via the ID parameter. It af...