Skip to main content

PHP

24729 CVEs product

Monthly

CVE-2026-6193 MEDIUM POC This Month

A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-39940 MEDIUM PATCH This Month

Open redirect vulnerability in ChurchCRM prior to 7.0.0 allows authenticated users to be redirected to arbitrary URLs via malicious 'linkBack' parameters across multiple application pages, including DonatedItemEditor.php. An attacker can craft a link embedding an attacker-controlled URL that executes when a victim clicks the 'Cancel' button, enabling phishing and credential harvesting attacks. EPSS scoring (0.04%, percentile 11%) indicates low real-world exploitation probability despite authenticated access requirement.

Open Redirect PHP
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-6191 LOW POC Monitor

SQL injection in itsourcecode Construction Management System 1.0 allows authenticated remote attackers to manipulate the Name parameter in /equipments.php, leading to unauthorized data access or modification. The CVSS score of 5.3 reflects low confidentiality and integrity impact, and the extremely low EPSS score (0.03%, 8th percentile) indicates minimal real-world exploitation likelihood despite publicly available exploit code.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6190 LOW POC Monitor

SQL injection in itsourcecode Construction Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the Name parameter in /employees.php, resulting in confidentiality, integrity, and authenticity breaches. The vulnerability requires low-privilege authentication and has publicly available exploit code, elevating practical risk despite the moderate CVSS score of 6.3.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6189 MEDIUM POC This Month

SQL injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows unauthenticated remote attackers to extract, modify, or delete database contents via the Username parameter in /ajax.php?action=login. The vulnerability enables low-complexity attacks requiring no user interaction, with publicly available exploit code (EPSS probability data not provided, not listed in CISA KEV). Attackers can compromise confidentiality, integrity, and availability of the pharmacy inventory database without authentication.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6188 MEDIUM POC This Month

SQL injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows unauthenticated remote attackers to execute arbitrary SQL queries via the ID parameter in /ajax.php?action=delete_sales, with publicly available exploit code and evidence of active proof-of-concept publication.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6187 MEDIUM POC This Month

SQL injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows unauthenticated remote attackers to execute arbitrary SQL queries via the ID parameter in /ajax.php?action=chk_prod_availability, enabling unauthorized data access and modification. The vulnerability has a publicly available exploit and carries a CVSS score of 6.9 with confirmed proof-of-concept code available on GitHub.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6184 LOW POC Monitor

Stored cross-site scripting (XSS) in code-projects Simple Content Management System 1.0 allows authenticated high-privilege attackers to inject malicious scripts via the News Title parameter in /web/admin/welcome.php, affecting all versions of the product. The vulnerability requires user interaction (UI:R) to execute but has publicly available exploit code and a low CVSS score (2.4) due to high privilege requirements and limited impact scope.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-6183 MEDIUM POC This Month

SQL injection in code-projects Simple Content Management System 1.0 allows unauthenticated remote attackers to manipulate the ID parameter in /web/index.php and execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. Publicly available exploit code exists and the vulnerability carries a CVSS 6.9 score reflecting moderate confidentiality, integrity, and availability impact across the network-accessible endpoint.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6182 MEDIUM POC This Month

SQL injection in code-projects Simple Content Management System 1.0 allows unauthenticated remote attackers to manipulate the User parameter in /web/admin/login.php, enabling database query manipulation with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, increasing real-world attack likelihood despite the moderate CVSS score of 6.9.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6167 MEDIUM POC This Month

SQL injection in code-projects Faculty Management System 1.0 via the ID parameter in /subject-print.php allows unauthenticated remote attackers to execute arbitrary SQL queries and exfiltrate or modify database contents with low confidentiality and integrity impact. Publicly available exploit code exists, creating immediate operational risk for organizations running this system.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6166 MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to execute arbitrary SQL queries via the VEHICLE_ID parameter in /util/UpdateVehicleFunction.php, achieving confidentiality and integrity compromise. Publicly available exploit code exists and the vulnerability carries a CVSS 6.9 score with confirmed exploitability (E:P rating).

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6165 MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows remote unauthenticated attackers to manipulate the ID parameter in /util/Login_check.php, leading to unauthorized data access or modification. The vulnerability has been publicly disclosed with exploit code available, increasing real-world exploitation risk despite its low-to-moderate CVSS score of 6.9.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6164 MEDIUM POC This Month

SQL injection in Lost and Found Thing Management 1.0 allows remote unauthenticated attackers to execute arbitrary SQL commands via the cata parameter in /addcat.php. The vulnerability has CVSS 6.9 (network-accessible, low complexity) and publicly available exploit code exists, making it a practical attack vector for data exfiltration and manipulation in this PHP-based application.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6163 MEDIUM POC This Month

SQL injection in code-projects Lost and Found Thing Management 1.0 allows remote unauthenticated attackers to execute arbitrary SQL queries via the cat parameter in /catageory.php, enabling data exfiltration and potential database manipulation. The vulnerability has a publicly available exploit and carries a CVSS score of 6.9 with confirmed low impact to confidentiality, integrity, and availability. Active exploitation status has not been confirmed at time of analysis, but the accessible nature of the vulnerability and public exploit availability elevate operational risk.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6162 LOW POC Monitor

Reflected cross-site scripting (XSS) in PHPGurukul Company Visitor Management System 2.0 allows authenticated remote attackers to inject malicious scripts via the fromdate parameter in /bwdates-reports-details.php. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), but publicly available exploit code exists, elevating practical risk despite the moderate CVSS score of 5.1.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-6161 MEDIUM POC This Month

SQL injection in code-projects Simple ChatBox up to version 1.0 allows remote unauthenticated attackers to execute arbitrary SQL queries via manipulation of the msg parameter in the /chatbox/insert.php endpoint, leading to confidentiality and integrity compromise. The vulnerability has a CVSS score of 6.9 and publicly available exploit code exists, increasing real-world risk despite the moderate base score.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6159 LOW POC Monitor

Cross-site scripting (XSS) in Simple ChatBox up to version 1.0 allows remote attackers to inject malicious scripts via the msg parameter in the /chatbox/insert.php endpoint, with user interaction required. The vulnerability has publicly available exploit code and affects the PHP-based chat application component. Impact is limited to integrity of user sessions, but the attack vector is remote and requires no authentication.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6153 MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to execute arbitrary SQL queries via the STAFF_ID parameter in /util/StaffDetailsFunction.php, enabling unauthorized database access with limited confidentiality and integrity impact. Public exploit code is available, and the vulnerability has a CVSS score of 6.9 with confirmed exploitability.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6152 MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to read, modify, or delete database contents via the STAFF_ID parameter in /util/StaffAddingFunction.php. CVSS score of 7.3 (High) reflects network-accessible attack requiring no privileges or user interaction. Publicly available exploit code exists (GitHub POC), significantly lowering exploitation barrier, though no active exploitation confirmed via CISA KEV at time of analysis.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6151 MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to extract, modify, or delete database records via the CUSTOMER_ID parameter in /util/PaymentStatusFunction.php. CVSS 7.3 (High) with low attack complexity and no authentication required. Publicly available exploit code exists (GitHub POC published), significantly lowering the barrier to exploitation. No vendor-released patch identified at time of analysis, creating an urgent risk for exposed deployments.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6150 LOW POC Monitor

Cross-site scripting (XSS) in code-projects Simple Laundry System 1.0 allows remote attackers to inject arbitrary scripts via the serviceId parameter in /checkupdatestatus.php. The vulnerability requires user interaction (UI:R) and results in low integrity impact, but is publicly available with exploit code and has been disclosed. CVSS base score is 4.3 with relatively low real-world risk due to UI requirement and limited impact scope, though the presence of public POC increases adoption likelihood among less-skilled attackers.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6149 MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to extract, modify, or delete database contents via the BRANCH_ID parameter in /util/BookVehicleFunction.php. The vulnerability has publicly available exploit code (GitHub POC), enabling trivial exploitation with low attack complexity. CVSS 7.3 reflects medium-severity impacts across confidentiality, integrity, and availability. No vendor patch has been identified at time of analysis.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6148 MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to extract, modify, or delete database contents via the BRANCH_ID parameter in MonthTotalReportUpdateFunction.php. Publicly available exploit code exists (GitHub POC published), enabling trivial exploitation with no user interaction required. CVSS 7.3 reflects network-accessible attack with low complexity and no authentication barrier, creating immediate risk for internet-exposed instances.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6142 MEDIUM POC This Month

SQL injection in tushar-2223 Hotel Management System /admin/roomdelete.php allows unauthenticated remote attackers to manipulate database queries via the ID parameter, potentially compromising confidentiality, integrity, and availability of hotel management data. Publicly available exploit code exists (CVSS 7.3, EPSS not provided). The vulnerability affects all versions up to commit bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15 in this rolling-release project, and the maintainer has not responded to responsible disclosure attempts.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-36942 LOW Monitor

SQL injection in Sourcecodester Online Resort Management System v1.0 allows high-privilege authenticated attackers to read sensitive application data via crafted input to the /orms/admin/activities/manage_activity.php endpoint. The vulnerability requires administrator-level credentials and produces only confidentiality impact with negligible real-world exploitation risk, as indicated by 0.02% EPSS score and CISA SSVC partial technical impact assessment.

PHP SQLi
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36947 LOW Monitor

SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 at /rsms/admin/services/view_service.php allows authenticated administrators to extract sensitive database information with low complexity. The vulnerability requires high-privilege (admin) access and does not enable data modification or denial of service, limiting real-world impact despite the unauthenticated attack vector network availability. No active exploitation or public proof-of-concept tools have been confirmed; EPSS score of 0.02% and SSVC framework rating 'none' exploitation status indicate minimal practical risk despite CVSS 2.7 rating.

SQLi PHP N A
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36946 LOW Monitor

SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 at /rsms/admin/inquiries/view_details.php allows high-privileged authenticated administrators to extract limited data via crafted SQL queries. The vulnerability requires admin-level access and produces only confidentiality impact with minimal real-world exploitation likelihood (EPSS 0.02%, CVSS 2.7, SSVC framework indicates no practical exploitation path).

SQLi PHP
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36923 LOW Monitor

SQL Injection in Sourcecodester Cab Management System 1.0 allows high-privilege administrators to extract limited database information via the /cms/admin/bookings/view_booking.php endpoint. The vulnerability requires authenticated admin access and carries minimal real-world risk given its low EPSS score (0.02%) and CISA SSVC assessment indicating no exploitation status, non-automatable exploitation, and only partial technical impact.

SQLi PHP N A
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36922 LOW Monitor

SQL injection in Sourcecodester Cab Management System v1.0 allows high-privilege authenticated attackers to extract sensitive data via the /cms/admin/categories/view_category.php endpoint. The vulnerability requires administrative credentials and has minimal real-world impact (CVSS 2.7, EPSS 0.02%), with no evidence of active exploitation or public exploit code.

SQLi PHP N A
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36919 LOW Monitor

SQL injection in Sourcecodester Online Reviewer System v1.0 allows high-privileged authenticated attackers to conduct limited information disclosure through the exam update functionality at /system/system/admins/assessments/examproper/exam-update.php. The vulnerability carries minimal real-world risk due to required administrative privileges (PR:H), low EPSS exploitation probability (0.02%), and CISA SSVC assessment indicating no exploitation trend, non-automatable attack, and only partial technical impact.

SQLi PHP N A
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36874 LOW Monitor

SQL injection in Sourcecodester Basic Library System v1.0 at /librarysystem/load_student.php allows high-privilege authenticated attackers to read sensitive database information. The vulnerability requires administrative-level privileges and manual user interaction is absent, but real-world risk is minimal due to extremely low EPSS score (0.02%), CVSS severity of 2.7, and CISA SSVC assessment indicating no exploitation activity, non-automatable conditions, and only partial technical impact.

SQLi PHP
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36873 LOW Monitor

SQL injection in Sourcecodester Basic Library System v1.0 allows high-privilege authenticated attackers to extract sensitive data via the /librarysystem/load_admin.php endpoint. The vulnerability requires administrative authentication, limiting exposure to compromised or malicious admin accounts. EPSS exploitation probability is minimal at 0.02% (6th percentile), and no public exploit code has been identified, making this a low-priority issue despite the SQL injection vector.

SQLi PHP N A
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36872 LOW Monitor

SQL injection in Sourcecodester Basic Library System v1.0 allows high-privilege authenticated attackers to extract limited information from the database via crafted input to /librarysystem/load_book.php. The vulnerability requires administrative credentials and has very low real-world risk (EPSS 0.02%, CVSS 2.7) with no public exploit code identified; CISA does not list it as actively exploited.

SQLi PHP N A
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36920 LOW Monitor

SQL injection in Sourcecodester Online Reviewer System v1.0 allows high-privileged authenticated users to extract limited data via a crafted SQL query in the questions-view.php endpoint. The vulnerability requires administrator-level credentials and lacks evidence of active exploitation or public exploit tooling, resulting in a minimal real-world risk profile despite confirmed SQL injection capability.

SQLi PHP N A
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36944 LOW Monitor

SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 allows authenticated high-privilege users to read sensitive database content via crafted input in the repairs details viewer. The vulnerability requires admin-level authentication and carries minimal real-world risk given the CVSS 2.7 score, EPSS 0.02% exploitation probability, and CISA SSVC assessment indicating no known exploitation, non-automatable attack, and only partial technical impact (confidentiality). No active exploitation has been confirmed.

SQLi PHP
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36943 LOW Monitor

SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 at /rsms/admin/repairs/manage_repair.php allows authenticated administrators to extract or modify limited database information. The attack requires high-level administrative privileges and produces only confidentiality impact; EPSS probability is minimal (0.02%), and CISA SSVC assessment indicates no evidence of real-world exploitation.

SQLi PHP
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2025-51414 HIGH This Week

In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered within the profile picture upload functionality on the /my-profile.php page.

PHP File Upload RCE Code Injection
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-36952 LOW Monitor

SQL injection in Sourcecodester Online Thesis Archiving System v1.0 at /otas/admin/curriculum/manage_curriculum.php allows authenticated high-privileged administrators to extract sensitive database information through unsanitized query parameters. With a CVSS score of 2.7 and EPSS of 0.01% (2nd percentile), this vulnerability presents minimal real-world risk despite valid SQL injection mechanics, as exploitation requires admin-level credentials and yields only confidentiality impact. No public exploit code or active exploitation has been confirmed.

PHP SQLi
NVD GitHub
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36950 LOW Monitor

SQL injection in Sourcecodester Online Thesis Archiving System v1.0 allows high-privilege authenticated attackers to extract sensitive information via the /otas/projects_per_department.php endpoint. The vulnerability requires admin-level credentials (PR:H per CVSS) and has minimal confidentiality impact with an EPSS score of 0.01%, indicating very low real-world exploitation probability despite public disclosure on GitHub.

PHP SQLi
NVD GitHub
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36948 HIGH This Week

SQL injection in Sourcecodester Online Thesis Archiving System v1.0's /otas/view_archive.php endpoint allows remote unauthenticated attackers to manipulate database queries, potentially extracting sensitive thesis data, authentication credentials, or modifying database contents. No public exploit identified at time of analysis, with minimal observed exploitation probability (EPSS 0.01%, 2nd percentile). The vulnerability affects a PHP-based academic archiving platform with limited deployment footprint.

PHP SQLi
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-36938 LOW Monitor

SQL injection in Sourcecodester Online Resort Management System v1.0 allows high-privileged authenticated attackers to query the database with limited confidentiality impact via the /orms/admin/rooms/view_room.php endpoint. The CVSS score of 2.7 and EPSS percentile of 6% reflect low real-world exploitation probability; SSVC assessment confirms no known automated exploit path and only partial technical impact (information disclosure). No public exploit code or active exploitation has been identified.

SQLi PHP
NVD GitHub
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36937 LOW Monitor

SQL injection in Sourcecodester Online Resort Management System v1.0 allows authenticated high-privilege users to execute arbitrary SQL queries via the /orms/admin/reservations/view_details.php endpoint, resulting in limited information disclosure. The vulnerability requires administrative access and carries minimal real-world risk due to CVSS 2.7, EPSS 0.02% (6th percentile), and SSVC framework assessment indicating no active exploitation and non-automatable attack requirements.

SQLi PHP
NVD GitHub
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36941 LOW Monitor

SQL Injection in Sourcecodester Online Resort Management System v1.0 allows authenticated administrators to extract or modify database contents via the /orms/admin/rooms/manage_room.php endpoint. The vulnerability requires high-privilege administrative access and has minimal real-world impact given the CVSS score of 2.7, EPSS exploitation probability of 0.02%, and CISA SSVC determination of non-exploitable status with only partial technical impact. No active exploitation has been confirmed.

SQLi PHP
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-36945 LOW Monitor

SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 allows authenticated administrators to execute arbitrary SQL queries via the /rsms/admin/clients/manage_client.php endpoint, potentially exposing sensitive data with low confidentiality impact. The vulnerability requires high-privilege administrator authentication and carries minimal real-world risk (EPSS 0.02%, SSVC indicates no exploitation activity), but represents a common code quality issue in open-source PHP applications that warrants remediation during security updates.

SQLi PHP
NVD GitHub VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2019-25710 PHP HIGH POC GHSA This Week

Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary SQL queries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD Exploit-DB
CVSS 4.0
8.8
EPSS
0.0%
CVE-2019-25707 HIGH POC This Week

eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD Exploit-DB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2019-25703 HIGH POC This Week

ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'bid' parameter. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD Exploit-DB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2019-25697 HIGH POC This Week

CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD Exploit-DB GitHub
CVSS 4.0
8.8
EPSS
0.1%
CVE-2019-25693 HIGH POC This Week

ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP CSRF
NVD Exploit-DB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-31845 CRITICAL Act Now

Reflected cross-site scripting (XSS) in Rukovoditel CRM 3.6.4's Zadarma telephony API endpoint allows remote attackers to execute arbitrary JavaScript in victim browsers without authentication. The vulnerability stems from direct reflection of the 'zd_echo' GET parameter without sanitization. With CVSS 9.3 (Critical), changed scope (S:C), and no authentication required (PR:N), this enables session hijacking and account takeover via malicious links. No public exploit identified at time of analysis, though proof-of-concept is trivial given the code-level disclosure. EPSS data not available.

XSS PHP
NVD VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-5809 HIGH This Week

Arbitrary file deletion in wpForo Forum plugin for WordPress (≤3.0.2) allows authenticated attackers with subscriber-level access to delete critical server files including wp-config.php. A two-step logic flaw permits injection of attacker-controlled file paths via poisoned postmeta arrays (data[body][fileurl]), which are later passed unvalidated to wp_delete_file(). The vulnerability requires low-privilege authentication (PR:L) and enables denial-of-service against WordPress installations through deletion of configuration or core files. No public exploit identified at time of analysis.

WordPress PHP Information Disclosure
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-4979 MEDIUM This Month

Blind Server-Side Request Forgery in UsersWP WordPress plugin versions up to 1.2.58 allows authenticated subscribers and above to force the WordPress server to make arbitrary HTTP requests via the uwp_crop parameter in avatar/banner image crop operations. The vulnerability stems from insufficient URL origin validation in the process_image_crop() method, which accepts user-controlled URLs and passes them to PHP image processing functions that support URL wrappers, enabling internal network reconnaissance and potential access to sensitive services. No public exploit code or active exploitation has been confirmed, though the vulnerability requires only authenticated access and low attack complexity.

PHP SSRF WordPress
NVD GitHub VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-5217 HIGH This Week

Unauthenticated stored XSS in Optimole WordPress plugin (≤4.2.2) allows attackers to inject malicious scripts via the srcset descriptor parameter in the /wp-json/optimole/v1/optimizations REST endpoint. Despite HMAC signature validation, authentication tokens are exposed in frontend HTML, enabling exploitation. Injected payloads persist in WordPress options table via transients and execute when victim browsers render affected pages. No public exploit identified at time of analysis.

XSS PHP WordPress
NVD VulDB
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-40194 PHP LOW PATCH GHSA Monitor

phpseclib's SSH2 packet authentication uses PHP's non-constant-time != operator to compare HMACs, enabling timing-based information disclosure attacks on SSH sessions. The vulnerability affects phpseclib versions prior to 1.0.28, 2.0.53, and 3.0.51. An unauthenticated remote attacker can exploit variable-time comparison behavior to infer valid HMAC values through precise timing measurements, potentially compromising the confidentiality of SSH communications. No public exploit code or active exploitation has been confirmed, but this is a cryptographic timing vulnerability with proven scalability via benchmarking.

PHP Information Disclosure
NVD GitHub VulDB
CVSS 3.1
3.7
EPSS
0.0%
CVE-2026-33704 HIGH PATCH This Week

Remote code execution in Chamilo LMS versions prior to 1.11.38 allows authenticated users (including low-privilege students) to upload and execute arbitrary PHP code through the BigUpload endpoint. Attackers exploit insufficient file extension filtering by uploading .pht files containing malicious code, which Apache servers with default .pht handlers execute as PHP. The vulnerability enables authenticated attackers to achieve full server compromise through unrestricted arbitrary file write capabilities. No public exploit identified at time of analysis.

Apache PHP File Upload RCE
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2026-32931 HIGH PATCH This Week

Remote code execution in Chamilo LMS versions prior to 1.11.38 and 2.0.0-RC.3 allows authenticated teachers to upload PHP webshells through the exercise sound upload function by spoofing Content-Type headers to audio/mpeg. Uploaded malicious files retain their .php extensions and execute in web-accessible directories with web server privileges (www-data). Attack requires low-privilege teacher account but no user interaction. No public exploit identified at time of analysis.

RCE PHP File Upload
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-32892 CRITICAL PATCH Act Now

OS command injection in Chamilo LMS 1.x (prior to 1.11.38) and 2.0.0-RC.x (prior to RC.3) allows authenticated teacher-role users to execute arbitrary system commands via unsanitized file path parameters. The move() function in fileManage.lib.php concatenates user-controlled move_to POST values directly into exec() shell commands without proper escaping. Any authenticated user can exploit this by creating a course (enabled by default), uploading a directory with shell metacharacters via Course Backup Import, then moving a document to trigger command execution as www-data. No public exploit identified at time of analysis.

PHP Command Injection
NVD GitHub
CVSS 3.1
9.1
EPSS
0.2%
CVE-2026-33702 HIGH PATCH This Week

Insecure Direct Object Reference in Chamilo LMS versions prior to 1.11.38 and 2.0.0-RC.3 allows authenticated users enrolled in a course to manipulate arbitrary Learning Path progress data for other users. The lp_ajax_save_item.php endpoint accepts a uid parameter without ownership validation, enabling attackers to overwrite scores, completion status, and time tracking for any enrolled user by modifying the request parameter. No public exploit identified at time of analysis. CVSS 7.1 (High) reflects authenticated network-based exploitation with high integrity impact.

PHP Authentication Bypass
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-33698 CRITICAL PATCH Act Now

Arbitrary file write vulnerability in Chamilo LMS versions before 1.11.38 allows unauthenticated remote attackers to modify existing files or create new files with system-level permissions through a chained attack exploiting the main/install/ directory. Attackers can bypass PHP execution restrictions when the installation directory remains accessible post-deployment, enabling complete system compromise where filesystem permissions permit. This vulnerability affects portals that have not removed the main/install/ directory after initial setup. No public exploit identified at time of analysis.

PHP Information Disclosure Path Traversal
NVD GitHub
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-33618 HIGH PATCH This Week

Remote code execution in Chamilo LMS versions prior to 2.0.0-RC.3 allows authenticated attackers with administrative privileges to inject and execute arbitrary PHP code via platform configuration settings. The PlatformConfigurationController::decodeSettingArray() method unsafely uses eval() to parse database-stored settings, executing injected code when any user-including unauthenticated visitors-accesses the /platform-config/list endpoint. Exploitation requires low-privilege authentication (PR:L) but delivers full system compromise with high confidentiality, integrity, and availability impact. No public exploit identified at time of analysis.

RCE PHP Code Injection
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-31940 HIGH PATCH This Week

Session fixation in Chamilo LMS versions prior to 1.11.38 and 2.0.0-RC.3 enables unauthenticated remote attackers to hijack user sessions via main/lp/aicc_hacp.php. User-controlled request parameters directly manipulate PHP session IDs before application bootstrap, allowing attackers to force victims into attacker-controlled sessions. Successful exploitation grants high-severity access to confidential data and platform integrity. No public exploit identified at time of analysis.

PHP Information Disclosure Session Fixation
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-31939 HIGH PATCH This Week

Path traversal in Chamilo LMS main/exercise/savescores.php enables authenticated attackers to delete arbitrary files on the server. Vulnerable versions prior to 1.11.38 fail to sanitize the 'test' parameter from $_REQUEST, allowing directory traversal sequences to escape intended paths and target critical system or application files. Attackers with low-level authenticated access can exploit this remotely without user interaction, resulting in high integrity and availability impact through targeted file deletion.

PHP Path Traversal
NVD GitHub
CVSS 3.1
8.3
EPSS
0.0%
CVE-2025-58913 HIGH This Week

Local file inclusion in CactusThemes VideoPro WordPress theme through version 2.3.8.1 allows unauthenticated remote attackers to read arbitrary files on the server via improper filename control in PHP include/require statements. Exploitation requires high attack complexity but no user interaction. EPSS score indicates low observed exploitation activity; no public exploit identified at time of analysis.

PHP Information Disclosure LFI
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-5804 HIGH PATCH This Week

Local file inclusion in Case Themes Case Theme User WordPress plugin (versions prior to 1.0.4) enables unauthenticated remote attackers to include arbitrary local files via PHP require/include statements. Successful exploitation requires high attack complexity and user interaction, but grants full compromise of confidentiality, integrity, and availability. Attackers may read sensitive configuration files, execute malicious code if file upload exists, or escalate to remote code execution through log poisoning techniques. No public exploit identified at time of analysis.

PHP Information Disclosure LFI
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-6038 MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 via the BRANCH_ID parameter in /util/RegisterCustomerFunction.php allows unauthenticated remote attackers to manipulate database queries with low complexity, affecting data confidentiality and integrity. Publicly available exploit code exists, increasing real-world exploitation risk despite the moderate CVSS 6.9 score.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6037 MEDIUM POC This Month

A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This affects an unknown function of the file /util/AddVehicleFunction.php. This manipulation of the argument BRANCH_ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6036 MEDIUM POC This Month

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. The impacted element is an unknown function of the file /util/VehicleDetailsFunction.php. The manipulation of the argument VEHICLE_ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6035 LOW POC Monitor

Reflected cross-site scripting (XSS) in code-projects Vehicle Showroom Management System 1.0 allows remote attackers to inject malicious scripts via the BRANCH_ID parameter in /BranchManagement/ServiceAndSalesReport.php. The vulnerability requires user interaction (UI:P) but no authentication, with publicly available exploit code disclosed. CVSS 5.3 reflects moderate severity with integrity impact limited to confidentiality of user sessions rather than data modification.

XSS PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6034 LOW POC Monitor

Reflected cross-site scripting (XSS) in code-projects Vehicle Showroom Management System 1.0 allows remote unauthenticated attackers to inject malicious scripts via the BRANCH_ID parameter in /BranchManagement/ProfitAndLossReport.php, requiring user interaction to execute. Publicly available exploit code exists for this vulnerability, and while the CVSS score of 5.3 is moderate, the low integrity impact combined with user interaction requirement limits practical risk, though XSS vulnerabilities remain routinely exploitable in real-world scenarios.

XSS PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6033 LOW POC Monitor

SQL injection in CodeAstro Online Classroom 1.0 allows authenticated remote attackers to manipulate the fname parameter in /updatedetailsfromstudent.php to execute arbitrary SQL queries, achieving limited confidentiality and integrity impact. The vulnerability has publicly available exploit code and a CVSS score of 5.3, representing a moderate risk requiring authentication to exploit.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6032 LOW POC Monitor

Reflected cross-site scripting (XSS) in code-projects Simple Laundry System 1.0 allows unauthenticated remote attackers to inject arbitrary JavaScript via the serviceId parameter in /checkcheckout.php, requiring user interaction to execute. Publicly available exploit code exists for this vulnerability, and the low CVSS score of 4.3 reflects the need for user click-through and limited scope (integrity impact only), though the attack vector is network-accessible and requires no special privileges or authentication.

XSS PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6031 MEDIUM POC This Month

SQL injection in code-projects Simple IT Discussion Forum 1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands via the Category parameter in /add-category-function.php. Attackers can read, modify, or delete database contents without authentication. Publicly available exploit code exists. CVSS 7.3 (High) reflects network-accessible attack vector with low complexity and no user interaction required. Impacts confidentiality, integrity, and availability at low levels.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6030 LOW POC Monitor

SQL injection in itsourcecode Construction Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the toolname parameter in /del1.php, potentially compromising data confidentiality, integrity, and availability. Publicly available exploit code exists, and the vulnerability has been assigned CVSS 6.3 with confirmed exploitability indicators (E:P rating).

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6010 LOW POC Monitor

SQL injection in CodeAstro Online Classroom allows authenticated remote attackers to execute arbitrary SQL queries via the Q1 parameter in /OnlineClassroom/takeassessment2.php, enabling data exfiltration and modification with CVSS 6.3 severity; publicly available exploit code exists and the vulnerability affects all versions of the product.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6007 LOW POC Monitor

SQL injection in itsourcecode Construction Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the equipname parameter in /del.php, enabling data exfiltration, modification, and potential denial of service. Publicly available exploit code exists, and the vulnerability carries a CVSS score of 6.3 with confirmed exploitation potential (E:P rating).

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6006 LOW POC Monitor

SQL injection in code-projects Patient Record Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the ID parameter in /edit_hpatient.php, leading to unauthorized data access, modification, and potential denial of service. Publicly available exploit code exists (CVSS 6.3, attack vector network, low complexity, requires valid credentials). This is not confirmed as actively exploited by CISA but poses immediate risk given public POC availability and low exploitation complexity.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6005 LOW POC Monitor

SQL injection in code-projects Patient Record Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL commands via the hem_id parameter in /hematology_print.php, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has a CVSS score of 6.3 (medium) with publicly available exploit code, though no CISA KEV confirmation indicates active widespread exploitation at time of analysis.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6004 MEDIUM POC This Month

SQL injection in Simple IT Discussion Forum 1.0 by code-projects allows unauthenticated remote attackers to execute arbitrary SQL commands via the cat_id parameter in /delete-category.php, enabling unauthorized data access, modification, or deletion. Publicly available exploit code exists. CVSS 7.3 (High) reflects network-accessible attack surface with low complexity and no authentication requirement, permitting compromise of confidentiality, integrity, and availability.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-6003 LOW POC Monitor

Stored cross-site scripting (XSS) in code-projects Simple IT Discussion Forum 1.0 allows authenticated remote attackers with administrative privileges to inject malicious scripts via the fname parameter in /admin/user.php, affecting user interactions through reflected XSS. The vulnerability has a CVSS score of 2.4 but carries a public exploit, though the low CVSS reflects the requirement for high-privilege authentication and user interaction to trigger the payload.

XSS PHP
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-4351 HIGH This Week

Authenticated arbitrary file overwrite in Perfmatters WordPress plugin ≤2.5.9 allows low-privileged attackers (Subscriber-level and above) to corrupt critical server files via path traversal. The PMCS::action_handler() method processes bulk activate/deactivate actions without authorization checks or nonce verification, passing unsanitized $_GET['snippets'][] values through Snippet::activate()/deactivate() to file_put_contents(). Attackers can overwrite files like .htaccess or index.php with fixed PHP docblock content, causing denial of service. Exploitation requires authenticated access with minimal privileges. No public exploit identified at time of analysis.

WordPress PHP Path Traversal Denial Of Service
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-2712 MEDIUM This Month

WP-Optimize plugin for WordPress allows authenticated subscribers and higher to execute admin-only operations including log file access, backup image deletion, and bulk image processing due to missing capability checks in the Heartbeat handler function. The vulnerability affects all versions up to 4.5.0 and requires user authentication but no elevated privileges, enabling privilege escalation from subscriber-level accounts to perform administrative image optimization tasks that should be restricted to site administrators.

WordPress PHP Authentication Bypass
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-36234 CRITICAL Act Now

SQL injection in itsourcecode Online Student Enrollment System v1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands via the 'coursename' parameter in newCourse.php, potentially enabling complete database compromise, authentication bypass, and server-side code execution. Despite a critical 9.8 CVSS score, EPSS indicates only 0.01% exploitation probability (2nd percentile), suggesting minimal observed attacker interest. Publicly available exploit code exists (GitHub POC), but no CISA KEV listing confirms active exploitation.

PHP SQLi
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-36236 CRITICAL Act Now

SQL injection in SourceCodester Engineers Online Portal v1.0 allows remote unauthenticated attackers to execute arbitrary SQL commands through the new_password parameter in update_password.php, enabling complete database compromise, authentication bypass, and potential server takeover. Despite a critical CVSS score of 9.8, EPSS indicates only 0.01% exploitation probability (2nd percentile), and no public exploit identified at time of analysis beyond technical documentation. The vulnerable PHP application lacks input validation on password update functionality, a common weakness in legacy web portals.

PHP SQLi
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-36233 CRITICAL Act Now

SQL injection in itsourcecode Online Student Enrollment System v1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands via the 'subjcode' parameter in assignInstructorSubjects.php, potentially enabling complete database compromise, authentication bypass, and data exfiltration. CVSS 9.8 (Critical) reflects network-accessible exploitation requiring no privileges or user interaction. EPSS score of 0.01% (2nd percentile) indicates minimal observed exploitation activity, though publicly available exploit code exists via GitHub repository documentation. No vendor-released patch identified at time of analysis.

PHP SQLi
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-36232 CRITICAL Act Now

SQL injection in itsourcecode Online Student Enrollment System v1.0 allows unauthenticated remote attackers to extract, modify, or delete database contents via unsanitized classId parameter in instructorClasses.php. Despite critical CVSS 9.8 rating, EPSS score of 0.01% (2nd percentile) indicates minimal observed exploitation activity. Public proof-of-concept documentation exists on GitHub, lowering exploitation barrier for opportunistic attackers targeting educational institutions using this enrollment platform.

PHP SQLi
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-29861 CRITICAL Act Now

SQL injection in PHP-MYSQL-User-Login-System v1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands via the username parameter at login.php, potentially enabling complete database compromise, authentication bypass, and unauthorized administrative access. Publicly available exploit code exists (GitHub POC). Despite a critical CVSS score of 9.8, EPSS exploitation probability is extremely low (0.01%, 2nd percentile), and no confirmed active exploitation (not in CISA KEV). The low real-world exploitation signal suggests limited deployment or attacker interest in this specific application.

PHP SQLi
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-36235 CRITICAL Act Now

SQL injection in itsourcecode Online Student Enrollment System v1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands through the 'subjcode' parameter in scheduleSubList.php, achieving full database compromise with potential for complete system control. CVSS 9.8 (Critical) reflects network-accessible exploitation requiring no privileges or user interaction. EPSS score of 0.01% (2nd percentile) indicates minimal observed exploitation activity, and no CISA KEV listing exists, suggesting limited real-world targeting despite the theoretical severity. Public proof-of-concept documentation exists on GitHub, lowering the technical barrier for exploitation.

PHP SQLi
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-34424 CRITICAL Act Now

Supply chain compromise in Smart Slider 3 Pro 3.5.1.35 for WordPress and Joomla delivers multi-stage remote access toolkit via compromised update mechanism. Unauthenticated attackers achieve pre-authentication remote code execution through malicious HTTP headers, deploy authenticated backdoors accepting arbitrary PHP/OS commands, create hidden administrator accounts, exfiltrate credentials and API keys, and establish persistence via must-use plugins and core file modifications. Vendor confirmed malicious build distributed through official update channel. No public exploit identified at time of analysis.

RCE WordPress PHP
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2026-39848 MEDIUM PATCH This Month

CSRF vulnerability in Dockyard prior to 1.1.0 allows unauthenticated remote attackers to start or stop Docker containers by tricking a logged-in administrator into clicking a malicious link, since container control endpoints accept GET requests without CSRF token validation. An attacker can disrupt service availability or trigger unintended container state changes without authentication credentials. No active exploitation or public exploit code has been confirmed.

Docker CSRF Authentication Bypass PHP Dockyard
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Open redirect vulnerability in ChurchCRM prior to 7.0.0 allows authenticated users to be redirected to arbitrary URLs via malicious 'linkBack' parameters across multiple application pages, including DonatedItemEditor.php. An attacker can craft a link embedding an attacker-controlled URL that executes when a victim clicks the 'Cancel' button, enabling phishing and credential harvesting attacks. EPSS scoring (0.04%, percentile 11%) indicates low real-world exploitation probability despite authenticated access requirement.

Open Redirect PHP
NVD GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in itsourcecode Construction Management System 1.0 allows authenticated remote attackers to manipulate the Name parameter in /equipments.php, leading to unauthorized data access or modification. The CVSS score of 5.3 reflects low confidentiality and integrity impact, and the extremely low EPSS score (0.03%, 8th percentile) indicates minimal real-world exploitation likelihood despite publicly available exploit code.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in itsourcecode Construction Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the Name parameter in /employees.php, resulting in confidentiality, integrity, and authenticity breaches. The vulnerability requires low-privilege authentication and has publicly available exploit code, elevating practical risk despite the moderate CVSS score of 6.3.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows unauthenticated remote attackers to extract, modify, or delete database contents via the Username parameter in /ajax.php?action=login. The vulnerability enables low-complexity attacks requiring no user interaction, with publicly available exploit code (EPSS probability data not provided, not listed in CISA KEV). Attackers can compromise confidentiality, integrity, and availability of the pharmacy inventory database without authentication.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows unauthenticated remote attackers to execute arbitrary SQL queries via the ID parameter in /ajax.php?action=delete_sales, with publicly available exploit code and evidence of active proof-of-concept publication.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows unauthenticated remote attackers to execute arbitrary SQL queries via the ID parameter in /ajax.php?action=chk_prod_availability, enabling unauthorized data access and modification. The vulnerability has a publicly available exploit and carries a CVSS score of 6.9 with confirmed proof-of-concept code available on GitHub.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 1.9
LOW POC Monitor

Stored cross-site scripting (XSS) in code-projects Simple Content Management System 1.0 allows authenticated high-privilege attackers to inject malicious scripts via the News Title parameter in /web/admin/welcome.php, affecting all versions of the product. The vulnerability requires user interaction (UI:R) to execute but has publicly available exploit code and a low CVSS score (2.4) due to high privilege requirements and limited impact scope.

PHP XSS
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Simple Content Management System 1.0 allows unauthenticated remote attackers to manipulate the ID parameter in /web/index.php and execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. Publicly available exploit code exists and the vulnerability carries a CVSS 6.9 score reflecting moderate confidentiality, integrity, and availability impact across the network-accessible endpoint.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Simple Content Management System 1.0 allows unauthenticated remote attackers to manipulate the User parameter in /web/admin/login.php, enabling database query manipulation with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, increasing real-world attack likelihood despite the moderate CVSS score of 6.9.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Faculty Management System 1.0 via the ID parameter in /subject-print.php allows unauthenticated remote attackers to execute arbitrary SQL queries and exfiltrate or modify database contents with low confidentiality and integrity impact. Publicly available exploit code exists, creating immediate operational risk for organizations running this system.

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to execute arbitrary SQL queries via the VEHICLE_ID parameter in /util/UpdateVehicleFunction.php, achieving confidentiality and integrity compromise. Publicly available exploit code exists and the vulnerability carries a CVSS 6.9 score with confirmed exploitability (E:P rating).

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows remote unauthenticated attackers to manipulate the ID parameter in /util/Login_check.php, leading to unauthorized data access or modification. The vulnerability has been publicly disclosed with exploit code available, increasing real-world exploitation risk despite its low-to-moderate CVSS score of 6.9.

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in Lost and Found Thing Management 1.0 allows remote unauthenticated attackers to execute arbitrary SQL commands via the cata parameter in /addcat.php. The vulnerability has CVSS 6.9 (network-accessible, low complexity) and publicly available exploit code exists, making it a practical attack vector for data exfiltration and manipulation in this PHP-based application.

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Lost and Found Thing Management 1.0 allows remote unauthenticated attackers to execute arbitrary SQL queries via the cat parameter in /catageory.php, enabling data exfiltration and potential database manipulation. The vulnerability has a publicly available exploit and carries a CVSS score of 6.9 with confirmed low impact to confidentiality, integrity, and availability. Active exploitation status has not been confirmed at time of analysis, but the accessible nature of the vulnerability and public exploit availability elevate operational risk.

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 2.0
LOW POC Monitor

Reflected cross-site scripting (XSS) in PHPGurukul Company Visitor Management System 2.0 allows authenticated remote attackers to inject malicious scripts via the fromdate parameter in /bwdates-reports-details.php. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), but publicly available exploit code exists, elevating practical risk despite the moderate CVSS score of 5.1.

PHP XSS
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Simple ChatBox up to version 1.0 allows remote unauthenticated attackers to execute arbitrary SQL queries via manipulation of the msg parameter in the /chatbox/insert.php endpoint, leading to confidentiality and integrity compromise. The vulnerability has a CVSS score of 6.9 and publicly available exploit code exists, increasing real-world risk despite the moderate base score.

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Cross-site scripting (XSS) in Simple ChatBox up to version 1.0 allows remote attackers to inject malicious scripts via the msg parameter in the /chatbox/insert.php endpoint, with user interaction required. The vulnerability has publicly available exploit code and affects the PHP-based chat application component. Impact is limited to integrity of user sessions, but the attack vector is remote and requires no authentication.

PHP XSS
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to execute arbitrary SQL queries via the STAFF_ID parameter in /util/StaffDetailsFunction.php, enabling unauthorized database access with limited confidentiality and integrity impact. Public exploit code is available, and the vulnerability has a CVSS score of 6.9 with confirmed exploitability.

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to read, modify, or delete database contents via the STAFF_ID parameter in /util/StaffAddingFunction.php. CVSS score of 7.3 (High) reflects network-accessible attack requiring no privileges or user interaction. Publicly available exploit code exists (GitHub POC), significantly lowering exploitation barrier, though no active exploitation confirmed via CISA KEV at time of analysis.

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to extract, modify, or delete database records via the CUSTOMER_ID parameter in /util/PaymentStatusFunction.php. CVSS 7.3 (High) with low attack complexity and no authentication required. Publicly available exploit code exists (GitHub POC published), significantly lowering the barrier to exploitation. No vendor-released patch identified at time of analysis, creating an urgent risk for exposed deployments.

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Cross-site scripting (XSS) in code-projects Simple Laundry System 1.0 allows remote attackers to inject arbitrary scripts via the serviceId parameter in /checkupdatestatus.php. The vulnerability requires user interaction (UI:R) and results in low integrity impact, but is publicly available with exploit code and has been disclosed. CVSS base score is 4.3 with relatively low real-world risk due to UI requirement and limited impact scope, though the presence of public POC increases adoption likelihood among less-skilled attackers.

PHP XSS
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to extract, modify, or delete database contents via the BRANCH_ID parameter in /util/BookVehicleFunction.php. The vulnerability has publicly available exploit code (GitHub POC), enabling trivial exploitation with low attack complexity. CVSS 7.3 reflects medium-severity impacts across confidentiality, integrity, and availability. No vendor patch has been identified at time of analysis.

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 allows unauthenticated remote attackers to extract, modify, or delete database contents via the BRANCH_ID parameter in MonthTotalReportUpdateFunction.php. Publicly available exploit code exists (GitHub POC published), enabling trivial exploitation with no user interaction required. CVSS 7.3 reflects network-accessible attack with low complexity and no authentication barrier, creating immediate risk for internet-exposed instances.

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in tushar-2223 Hotel Management System /admin/roomdelete.php allows unauthenticated remote attackers to manipulate database queries via the ID parameter, potentially compromising confidentiality, integrity, and availability of hotel management data. Publicly available exploit code exists (CVSS 7.3, EPSS not provided). The vulnerability affects all versions up to commit bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15 in this rolling-release project, and the maintainer has not responded to responsible disclosure attempts.

PHP SQLi
NVD VulDB GitHub
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Online Resort Management System v1.0 allows high-privilege authenticated attackers to read sensitive application data via crafted input to the /orms/admin/activities/manage_activity.php endpoint. The vulnerability requires administrator-level credentials and produces only confidentiality impact with negligible real-world exploitation risk, as indicated by 0.02% EPSS score and CISA SSVC partial technical impact assessment.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 at /rsms/admin/services/view_service.php allows authenticated administrators to extract sensitive database information with low complexity. The vulnerability requires high-privilege (admin) access and does not enable data modification or denial of service, limiting real-world impact despite the unauthenticated attack vector network availability. No active exploitation or public proof-of-concept tools have been confirmed; EPSS score of 0.02% and SSVC framework rating 'none' exploitation status indicate minimal practical risk despite CVSS 2.7 rating.

SQLi PHP N A
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 at /rsms/admin/inquiries/view_details.php allows high-privileged authenticated administrators to extract limited data via crafted SQL queries. The vulnerability requires admin-level access and produces only confidentiality impact with minimal real-world exploitation likelihood (EPSS 0.02%, CVSS 2.7, SSVC framework indicates no practical exploitation path).

SQLi PHP
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL Injection in Sourcecodester Cab Management System 1.0 allows high-privilege administrators to extract limited database information via the /cms/admin/bookings/view_booking.php endpoint. The vulnerability requires authenticated admin access and carries minimal real-world risk given its low EPSS score (0.02%) and CISA SSVC assessment indicating no exploitation status, non-automatable exploitation, and only partial technical impact.

SQLi PHP N A
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Cab Management System v1.0 allows high-privilege authenticated attackers to extract sensitive data via the /cms/admin/categories/view_category.php endpoint. The vulnerability requires administrative credentials and has minimal real-world impact (CVSS 2.7, EPSS 0.02%), with no evidence of active exploitation or public exploit code.

SQLi PHP N A
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Online Reviewer System v1.0 allows high-privileged authenticated attackers to conduct limited information disclosure through the exam update functionality at /system/system/admins/assessments/examproper/exam-update.php. The vulnerability carries minimal real-world risk due to required administrative privileges (PR:H), low EPSS exploitation probability (0.02%), and CISA SSVC assessment indicating no exploitation trend, non-automatable attack, and only partial technical impact.

SQLi PHP N A
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Basic Library System v1.0 at /librarysystem/load_student.php allows high-privilege authenticated attackers to read sensitive database information. The vulnerability requires administrative-level privileges and manual user interaction is absent, but real-world risk is minimal due to extremely low EPSS score (0.02%), CVSS severity of 2.7, and CISA SSVC assessment indicating no exploitation activity, non-automatable conditions, and only partial technical impact.

SQLi PHP
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Basic Library System v1.0 allows high-privilege authenticated attackers to extract sensitive data via the /librarysystem/load_admin.php endpoint. The vulnerability requires administrative authentication, limiting exposure to compromised or malicious admin accounts. EPSS exploitation probability is minimal at 0.02% (6th percentile), and no public exploit code has been identified, making this a low-priority issue despite the SQL injection vector.

SQLi PHP N A
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Basic Library System v1.0 allows high-privilege authenticated attackers to extract limited information from the database via crafted input to /librarysystem/load_book.php. The vulnerability requires administrative credentials and has very low real-world risk (EPSS 0.02%, CVSS 2.7) with no public exploit code identified; CISA does not list it as actively exploited.

SQLi PHP N A
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Online Reviewer System v1.0 allows high-privileged authenticated users to extract limited data via a crafted SQL query in the questions-view.php endpoint. The vulnerability requires administrator-level credentials and lacks evidence of active exploitation or public exploit tooling, resulting in a minimal real-world risk profile despite confirmed SQL injection capability.

SQLi PHP N A
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 allows authenticated high-privilege users to read sensitive database content via crafted input in the repairs details viewer. The vulnerability requires admin-level authentication and carries minimal real-world risk given the CVSS 2.7 score, EPSS 0.02% exploitation probability, and CISA SSVC assessment indicating no known exploitation, non-automatable attack, and only partial technical impact (confidentiality). No active exploitation has been confirmed.

SQLi PHP
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 at /rsms/admin/repairs/manage_repair.php allows authenticated administrators to extract or modify limited database information. The attack requires high-level administrative privileges and produces only confidentiality impact; EPSS probability is minimal (0.02%), and CISA SSVC assessment indicates no evidence of real-world exploitation.

SQLi PHP
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH This Week

In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered within the profile picture upload functionality on the /my-profile.php page.

PHP File Upload RCE +1
NVD GitHub
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Online Thesis Archiving System v1.0 at /otas/admin/curriculum/manage_curriculum.php allows authenticated high-privileged administrators to extract sensitive database information through unsanitized query parameters. With a CVSS score of 2.7 and EPSS of 0.01% (2nd percentile), this vulnerability presents minimal real-world risk despite valid SQL injection mechanics, as exploitation requires admin-level credentials and yields only confidentiality impact. No public exploit code or active exploitation has been confirmed.

PHP SQLi
NVD GitHub
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Online Thesis Archiving System v1.0 allows high-privilege authenticated attackers to extract sensitive information via the /otas/projects_per_department.php endpoint. The vulnerability requires admin-level credentials (PR:H per CVSS) and has minimal confidentiality impact with an EPSS score of 0.01%, indicating very low real-world exploitation probability despite public disclosure on GitHub.

PHP SQLi
NVD GitHub
EPSS 0% CVSS 7.3
HIGH This Week

SQL injection in Sourcecodester Online Thesis Archiving System v1.0's /otas/view_archive.php endpoint allows remote unauthenticated attackers to manipulate database queries, potentially extracting sensitive thesis data, authentication credentials, or modifying database contents. No public exploit identified at time of analysis, with minimal observed exploitation probability (EPSS 0.01%, 2nd percentile). The vulnerability affects a PHP-based academic archiving platform with limited deployment footprint.

PHP SQLi
NVD GitHub
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Online Resort Management System v1.0 allows high-privileged authenticated attackers to query the database with limited confidentiality impact via the /orms/admin/rooms/view_room.php endpoint. The CVSS score of 2.7 and EPSS percentile of 6% reflect low real-world exploitation probability; SSVC assessment confirms no known automated exploit path and only partial technical impact (information disclosure). No public exploit code or active exploitation has been identified.

SQLi PHP
NVD GitHub
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Online Resort Management System v1.0 allows authenticated high-privilege users to execute arbitrary SQL queries via the /orms/admin/reservations/view_details.php endpoint, resulting in limited information disclosure. The vulnerability requires administrative access and carries minimal real-world risk due to CVSS 2.7, EPSS 0.02% (6th percentile), and SSVC framework assessment indicating no active exploitation and non-automatable attack requirements.

SQLi PHP
NVD GitHub
EPSS 0% CVSS 2.7
LOW Monitor

SQL Injection in Sourcecodester Online Resort Management System v1.0 allows authenticated administrators to extract or modify database contents via the /orms/admin/rooms/manage_room.php endpoint. The vulnerability requires high-privilege administrative access and has minimal real-world impact given the CVSS score of 2.7, EPSS exploitation probability of 0.02%, and CISA SSVC determination of non-exploitable status with only partial technical impact. No active exploitation has been confirmed.

SQLi PHP
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW Monitor

SQL injection in Sourcecodester Computer and Mobile Repair Shop Management System v1.0 allows authenticated administrators to execute arbitrary SQL queries via the /rsms/admin/clients/manage_client.php endpoint, potentially exposing sensitive data with low confidentiality impact. The vulnerability requires high-privilege administrator authentication and carries minimal real-world risk (EPSS 0.02%, SSVC indicates no exploitation activity), but represents a common code quality issue in open-source PHP applications that warrants remediation during security updates.

SQLi PHP
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary SQL queries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD Exploit-DB
EPSS 0% CVSS 7.1
HIGH POC This Week

eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD Exploit-DB
EPSS 0% CVSS 7.1
HIGH POC This Week

ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'bid' parameter. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD Exploit-DB
EPSS 0% CVSS 8.8
HIGH POC This Week

CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD Exploit-DB GitHub
EPSS 0% CVSS 7.1
HIGH POC This Week

ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP CSRF
NVD Exploit-DB
EPSS 0% CVSS 9.3
CRITICAL Act Now

Reflected cross-site scripting (XSS) in Rukovoditel CRM 3.6.4's Zadarma telephony API endpoint allows remote attackers to execute arbitrary JavaScript in victim browsers without authentication. The vulnerability stems from direct reflection of the 'zd_echo' GET parameter without sanitization. With CVSS 9.3 (Critical), changed scope (S:C), and no authentication required (PR:N), this enables session hijacking and account takeover via malicious links. No public exploit identified at time of analysis, though proof-of-concept is trivial given the code-level disclosure. EPSS data not available.

XSS PHP
NVD VulDB
EPSS 0% CVSS 7.1
HIGH This Week

Arbitrary file deletion in wpForo Forum plugin for WordPress (≤3.0.2) allows authenticated attackers with subscriber-level access to delete critical server files including wp-config.php. A two-step logic flaw permits injection of attacker-controlled file paths via poisoned postmeta arrays (data[body][fileurl]), which are later passed unvalidated to wp_delete_file(). The vulnerability requires low-privilege authentication (PR:L) and enables denial-of-service against WordPress installations through deletion of configuration or core files. No public exploit identified at time of analysis.

WordPress PHP Information Disclosure
NVD VulDB
EPSS 0% CVSS 5.0
MEDIUM This Month

Blind Server-Side Request Forgery in UsersWP WordPress plugin versions up to 1.2.58 allows authenticated subscribers and above to force the WordPress server to make arbitrary HTTP requests via the uwp_crop parameter in avatar/banner image crop operations. The vulnerability stems from insufficient URL origin validation in the process_image_crop() method, which accepts user-controlled URLs and passes them to PHP image processing functions that support URL wrappers, enabling internal network reconnaissance and potential access to sensitive services. No public exploit code or active exploitation has been confirmed, though the vulnerability requires only authenticated access and low attack complexity.

PHP SSRF WordPress
NVD GitHub VulDB
EPSS 0% CVSS 7.2
HIGH This Week

Unauthenticated stored XSS in Optimole WordPress plugin (≤4.2.2) allows attackers to inject malicious scripts via the srcset descriptor parameter in the /wp-json/optimole/v1/optimizations REST endpoint. Despite HMAC signature validation, authentication tokens are exposed in frontend HTML, enabling exploitation. Injected payloads persist in WordPress options table via transients and execute when victim browsers render affected pages. No public exploit identified at time of analysis.

XSS PHP WordPress
NVD VulDB
EPSS 0% CVSS 3.7
LOW PATCH Monitor

phpseclib's SSH2 packet authentication uses PHP's non-constant-time != operator to compare HMACs, enabling timing-based information disclosure attacks on SSH sessions. The vulnerability affects phpseclib versions prior to 1.0.28, 2.0.53, and 3.0.51. An unauthenticated remote attacker can exploit variable-time comparison behavior to infer valid HMAC values through precise timing measurements, potentially compromising the confidentiality of SSH communications. No public exploit code or active exploitation has been confirmed, but this is a cryptographic timing vulnerability with proven scalability via benchmarking.

PHP Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Remote code execution in Chamilo LMS versions prior to 1.11.38 allows authenticated users (including low-privilege students) to upload and execute arbitrary PHP code through the BigUpload endpoint. Attackers exploit insufficient file extension filtering by uploading .pht files containing malicious code, which Apache servers with default .pht handlers execute as PHP. The vulnerability enables authenticated attackers to achieve full server compromise through unrestricted arbitrary file write capabilities. No public exploit identified at time of analysis.

Apache PHP File Upload +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote code execution in Chamilo LMS versions prior to 1.11.38 and 2.0.0-RC.3 allows authenticated teachers to upload PHP webshells through the exercise sound upload function by spoofing Content-Type headers to audio/mpeg. Uploaded malicious files retain their .php extensions and execute in web-accessible directories with web server privileges (www-data). Attack requires low-privilege teacher account but no user interaction. No public exploit identified at time of analysis.

RCE PHP File Upload
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

OS command injection in Chamilo LMS 1.x (prior to 1.11.38) and 2.0.0-RC.x (prior to RC.3) allows authenticated teacher-role users to execute arbitrary system commands via unsanitized file path parameters. The move() function in fileManage.lib.php concatenates user-controlled move_to POST values directly into exec() shell commands without proper escaping. Any authenticated user can exploit this by creating a course (enabled by default), uploading a directory with shell metacharacters via Course Backup Import, then moving a document to trigger command execution as www-data. No public exploit identified at time of analysis.

PHP Command Injection
NVD GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Insecure Direct Object Reference in Chamilo LMS versions prior to 1.11.38 and 2.0.0-RC.3 allows authenticated users enrolled in a course to manipulate arbitrary Learning Path progress data for other users. The lp_ajax_save_item.php endpoint accepts a uid parameter without ownership validation, enabling attackers to overwrite scores, completion status, and time tracking for any enrolled user by modifying the request parameter. No public exploit identified at time of analysis. CVSS 7.1 (High) reflects authenticated network-based exploitation with high integrity impact.

PHP Authentication Bypass
NVD GitHub
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

Arbitrary file write vulnerability in Chamilo LMS versions before 1.11.38 allows unauthenticated remote attackers to modify existing files or create new files with system-level permissions through a chained attack exploiting the main/install/ directory. Attackers can bypass PHP execution restrictions when the installation directory remains accessible post-deployment, enabling complete system compromise where filesystem permissions permit. This vulnerability affects portals that have not removed the main/install/ directory after initial setup. No public exploit identified at time of analysis.

PHP Information Disclosure Path Traversal
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Chamilo LMS versions prior to 2.0.0-RC.3 allows authenticated attackers with administrative privileges to inject and execute arbitrary PHP code via platform configuration settings. The PlatformConfigurationController::decodeSettingArray() method unsafely uses eval() to parse database-stored settings, executing injected code when any user-including unauthenticated visitors-accesses the /platform-config/list endpoint. Exploitation requires low-privilege authentication (PR:L) but delivers full system compromise with high confidentiality, integrity, and availability impact. No public exploit identified at time of analysis.

RCE PHP Code Injection
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Session fixation in Chamilo LMS versions prior to 1.11.38 and 2.0.0-RC.3 enables unauthenticated remote attackers to hijack user sessions via main/lp/aicc_hacp.php. User-controlled request parameters directly manipulate PHP session IDs before application bootstrap, allowing attackers to force victims into attacker-controlled sessions. Successful exploitation grants high-severity access to confidential data and platform integrity. No public exploit identified at time of analysis.

PHP Information Disclosure Session Fixation
NVD GitHub
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Path traversal in Chamilo LMS main/exercise/savescores.php enables authenticated attackers to delete arbitrary files on the server. Vulnerable versions prior to 1.11.38 fail to sanitize the 'test' parameter from $_REQUEST, allowing directory traversal sequences to escape intended paths and target critical system or application files. Attackers with low-level authenticated access can exploit this remotely without user interaction, resulting in high integrity and availability impact through targeted file deletion.

PHP Path Traversal
NVD GitHub
EPSS 0% CVSS 8.1
HIGH This Week

Local file inclusion in CactusThemes VideoPro WordPress theme through version 2.3.8.1 allows unauthenticated remote attackers to read arbitrary files on the server via improper filename control in PHP include/require statements. Exploitation requires high attack complexity but no user interaction. EPSS score indicates low observed exploitation activity; no public exploit identified at time of analysis.

PHP Information Disclosure LFI
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Local file inclusion in Case Themes Case Theme User WordPress plugin (versions prior to 1.0.4) enables unauthenticated remote attackers to include arbitrary local files via PHP require/include statements. Successful exploitation requires high attack complexity and user interaction, but grants full compromise of confidentiality, integrity, and availability. Attackers may read sensitive configuration files, execute malicious code if file upload exists, or escalate to remote code execution through log poisoning techniques. No public exploit identified at time of analysis.

PHP Information Disclosure LFI
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Vehicle Showroom Management System 1.0 via the BRANCH_ID parameter in /util/RegisterCustomerFunction.php allows unauthenticated remote attackers to manipulate database queries with low complexity, affecting data confidentiality and integrity. Publicly available exploit code exists, increasing real-world exploitation risk despite the moderate CVSS 6.9 score.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This affects an unknown function of the file /util/AddVehicleFunction.php. This manipulation of the argument BRANCH_ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. The impacted element is an unknown function of the file /util/VehicleDetailsFunction.php. The manipulation of the argument VEHICLE_ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Reflected cross-site scripting (XSS) in code-projects Vehicle Showroom Management System 1.0 allows remote attackers to inject malicious scripts via the BRANCH_ID parameter in /BranchManagement/ServiceAndSalesReport.php. The vulnerability requires user interaction (UI:P) but no authentication, with publicly available exploit code disclosed. CVSS 5.3 reflects moderate severity with integrity impact limited to confidentiality of user sessions rather than data modification.

XSS PHP
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Reflected cross-site scripting (XSS) in code-projects Vehicle Showroom Management System 1.0 allows remote unauthenticated attackers to inject malicious scripts via the BRANCH_ID parameter in /BranchManagement/ProfitAndLossReport.php, requiring user interaction to execute. Publicly available exploit code exists for this vulnerability, and while the CVSS score of 5.3 is moderate, the low integrity impact combined with user interaction requirement limits practical risk, though XSS vulnerabilities remain routinely exploitable in real-world scenarios.

XSS PHP
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in CodeAstro Online Classroom 1.0 allows authenticated remote attackers to manipulate the fname parameter in /updatedetailsfromstudent.php to execute arbitrary SQL queries, achieving limited confidentiality and integrity impact. The vulnerability has publicly available exploit code and a CVSS score of 5.3, representing a moderate risk requiring authentication to exploit.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Reflected cross-site scripting (XSS) in code-projects Simple Laundry System 1.0 allows unauthenticated remote attackers to inject arbitrary JavaScript via the serviceId parameter in /checkcheckout.php, requiring user interaction to execute. Publicly available exploit code exists for this vulnerability, and the low CVSS score of 4.3 reflects the need for user click-through and limited scope (integrity impact only), though the attack vector is network-accessible and requires no special privileges or authentication.

XSS PHP
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Simple IT Discussion Forum 1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands via the Category parameter in /add-category-function.php. Attackers can read, modify, or delete database contents without authentication. Publicly available exploit code exists. CVSS 7.3 (High) reflects network-accessible attack vector with low complexity and no user interaction required. Impacts confidentiality, integrity, and availability at low levels.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in itsourcecode Construction Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the toolname parameter in /del1.php, potentially compromising data confidentiality, integrity, and availability. Publicly available exploit code exists, and the vulnerability has been assigned CVSS 6.3 with confirmed exploitability indicators (E:P rating).

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in CodeAstro Online Classroom allows authenticated remote attackers to execute arbitrary SQL queries via the Q1 parameter in /OnlineClassroom/takeassessment2.php, enabling data exfiltration and modification with CVSS 6.3 severity; publicly available exploit code exists and the vulnerability affects all versions of the product.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in itsourcecode Construction Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the equipname parameter in /del.php, enabling data exfiltration, modification, and potential denial of service. Publicly available exploit code exists, and the vulnerability carries a CVSS score of 6.3 with confirmed exploitation potential (E:P rating).

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in code-projects Patient Record Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the ID parameter in /edit_hpatient.php, leading to unauthorized data access, modification, and potential denial of service. Publicly available exploit code exists (CVSS 6.3, attack vector network, low complexity, requires valid credentials). This is not confirmed as actively exploited by CISA but poses immediate risk given public POC availability and low exploitation complexity.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in code-projects Patient Record Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL commands via the hem_id parameter in /hematology_print.php, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has a CVSS score of 6.3 (medium) with publicly available exploit code, though no CISA KEV confirmation indicates active widespread exploitation at time of analysis.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in Simple IT Discussion Forum 1.0 by code-projects allows unauthenticated remote attackers to execute arbitrary SQL commands via the cat_id parameter in /delete-category.php, enabling unauthorized data access, modification, or deletion. Publicly available exploit code exists. CVSS 7.3 (High) reflects network-accessible attack surface with low complexity and no authentication requirement, permitting compromise of confidentiality, integrity, and availability.

SQLi PHP
NVD VulDB GitHub
EPSS 0% CVSS 1.9
LOW POC Monitor

Stored cross-site scripting (XSS) in code-projects Simple IT Discussion Forum 1.0 allows authenticated remote attackers with administrative privileges to inject malicious scripts via the fname parameter in /admin/user.php, affecting user interactions through reflected XSS. The vulnerability has a CVSS score of 2.4 but carries a public exploit, though the low CVSS reflects the requirement for high-privilege authentication and user interaction to trigger the payload.

XSS PHP
NVD VulDB GitHub
EPSS 0% CVSS 8.1
HIGH This Week

Authenticated arbitrary file overwrite in Perfmatters WordPress plugin ≤2.5.9 allows low-privileged attackers (Subscriber-level and above) to corrupt critical server files via path traversal. The PMCS::action_handler() method processes bulk activate/deactivate actions without authorization checks or nonce verification, passing unsanitized $_GET['snippets'][] values through Snippet::activate()/deactivate() to file_put_contents(). Attackers can overwrite files like .htaccess or index.php with fixed PHP docblock content, causing denial of service. Exploitation requires authenticated access with minimal privileges. No public exploit identified at time of analysis.

WordPress PHP Path Traversal +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

WP-Optimize plugin for WordPress allows authenticated subscribers and higher to execute admin-only operations including log file access, backup image deletion, and bulk image processing due to missing capability checks in the Heartbeat handler function. The vulnerability affects all versions up to 4.5.0 and requires user authentication but no elevated privileges, enabling privilege escalation from subscriber-level accounts to perform administrative image optimization tasks that should be restricted to site administrators.

WordPress PHP Authentication Bypass
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

SQL injection in itsourcecode Online Student Enrollment System v1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands via the 'coursename' parameter in newCourse.php, potentially enabling complete database compromise, authentication bypass, and server-side code execution. Despite a critical 9.8 CVSS score, EPSS indicates only 0.01% exploitation probability (2nd percentile), suggesting minimal observed attacker interest. Publicly available exploit code exists (GitHub POC), but no CISA KEV listing confirms active exploitation.

PHP SQLi
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

SQL injection in SourceCodester Engineers Online Portal v1.0 allows remote unauthenticated attackers to execute arbitrary SQL commands through the new_password parameter in update_password.php, enabling complete database compromise, authentication bypass, and potential server takeover. Despite a critical CVSS score of 9.8, EPSS indicates only 0.01% exploitation probability (2nd percentile), and no public exploit identified at time of analysis beyond technical documentation. The vulnerable PHP application lacks input validation on password update functionality, a common weakness in legacy web portals.

PHP SQLi
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

SQL injection in itsourcecode Online Student Enrollment System v1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands via the 'subjcode' parameter in assignInstructorSubjects.php, potentially enabling complete database compromise, authentication bypass, and data exfiltration. CVSS 9.8 (Critical) reflects network-accessible exploitation requiring no privileges or user interaction. EPSS score of 0.01% (2nd percentile) indicates minimal observed exploitation activity, though publicly available exploit code exists via GitHub repository documentation. No vendor-released patch identified at time of analysis.

PHP SQLi
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

SQL injection in itsourcecode Online Student Enrollment System v1.0 allows unauthenticated remote attackers to extract, modify, or delete database contents via unsanitized classId parameter in instructorClasses.php. Despite critical CVSS 9.8 rating, EPSS score of 0.01% (2nd percentile) indicates minimal observed exploitation activity. Public proof-of-concept documentation exists on GitHub, lowering exploitation barrier for opportunistic attackers targeting educational institutions using this enrollment platform.

PHP SQLi
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

SQL injection in PHP-MYSQL-User-Login-System v1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands via the username parameter at login.php, potentially enabling complete database compromise, authentication bypass, and unauthorized administrative access. Publicly available exploit code exists (GitHub POC). Despite a critical CVSS score of 9.8, EPSS exploitation probability is extremely low (0.01%, 2nd percentile), and no confirmed active exploitation (not in CISA KEV). The low real-world exploitation signal suggests limited deployment or attacker interest in this specific application.

PHP SQLi
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

SQL injection in itsourcecode Online Student Enrollment System v1.0 allows unauthenticated remote attackers to execute arbitrary SQL commands through the 'subjcode' parameter in scheduleSubList.php, achieving full database compromise with potential for complete system control. CVSS 9.8 (Critical) reflects network-accessible exploitation requiring no privileges or user interaction. EPSS score of 0.01% (2nd percentile) indicates minimal observed exploitation activity, and no CISA KEV listing exists, suggesting limited real-world targeting despite the theoretical severity. Public proof-of-concept documentation exists on GitHub, lowering the technical barrier for exploitation.

PHP SQLi
NVD GitHub
EPSS 0% CVSS 9.3
CRITICAL Act Now

Supply chain compromise in Smart Slider 3 Pro 3.5.1.35 for WordPress and Joomla delivers multi-stage remote access toolkit via compromised update mechanism. Unauthenticated attackers achieve pre-authentication remote code execution through malicious HTTP headers, deploy authenticated backdoors accepting arbitrary PHP/OS commands, create hidden administrator accounts, exfiltrate credentials and API keys, and establish persistence via must-use plugins and core file modifications. Vendor confirmed malicious build distributed through official update channel. No public exploit identified at time of analysis.

RCE WordPress PHP
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

CSRF vulnerability in Dockyard prior to 1.1.0 allows unauthenticated remote attackers to start or stop Docker containers by tricking a logged-in administrator into clicking a malicious link, since container control endpoints accept GET requests without CSRF token validation. An attacker can disrupt service availability or trigger unintended container state changes without authentication credentials. No active exploitation or public exploit code has been confirmed.

Docker CSRF Authentication Bypass +2
NVD GitHub VulDB
Prev Page 21 of 275 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy