Submit #628677: code-projects Online Medicine Guide V1.0 SQL injection [Accepted]
Submit #628677 / VDB-319986
Aggregator
CVE-2025-8984 | itsourcecode Online Tour and Travel Management System 1.0 expense_category.php expense_name sql injection
9 months ago
A vulnerability, which was classified as critical, was found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expense_category.php. The manipulation of the argument expense_name leads to sql injection.
This vulnerability is traded as CVE-2025-8984. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8983 | itsourcecode Online Tour and Travel Management System 1.0 expense.php expense_for sql injection
9 months ago
A vulnerability, which was classified as critical, has been found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expense_for leads to sql injection.
The identification of this vulnerability is CVE-2025-8983. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8982 | itsourcecode Online Tour and Travel Management System 1.0 currency.php curr_code sql injection
9 months ago
A vulnerability classified as critical was found in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument curr_code leads to sql injection.
This vulnerability was named CVE-2025-8982. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8981 | itsourcecode Online Tour and Travel Management System 1.0 payment.php payment_type sql injection
9 months ago
A vulnerability classified as critical has been found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument payment_type leads to sql injection.
This vulnerability is uniquely identified as CVE-2025-8981. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #628676: sourcecodester COVID 19 Testing Management System V1.0 SQL injection [Accepted]
9 months ago
Submit #628676 / VDB-319985
zhuyi
Submit #628675: sourcecodester COVID 19 Testing Management System V1.0 SQL injection [Accepted]
9 months ago
Submit #628675 / VDB-319984
zhuyi
Submit #628664: SourceCodester COVID 19 Testing Management System V1.0 SQL injection [Accepted]
9 months ago
Submit #628664 / VDB-319983
zhuyi
Submit #628663: sourcecodester COVID 19 Testing Management System V1.0 SQL injection [Accepted]
9 months ago
Submit #628663 / VDB-319982
zhuyi
Submit #628662: sourcecodester COVID 19 Testing Management System V1.0 SQL injection [Accepted]
9 months ago
Submit #628662 / VDB-319981
zhuyi
CVE-2025-8980 | Tenda G1 16.01.7.8(3660) Firmware Update check_upload_file data authenticity
9 months ago
A vulnerability was found in Tenda G1 16.01.7.8(3660). It has been rated as critical. Affected by this issue is the function check_upload_file of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity.
This vulnerability is handled as CVE-2025-8980. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #628661: itsourcecode Online Tour and Travel Management System V1.0 SQL injection [Accepted]
9 months ago
Submit #628661 / VDB-319980
zhuyi
Submit #628660: itsourcecode Online Tour and Travel Management System V1.0 SQL injection [Accepted]
9 months ago
Submit #628660 / VDB-319979
zhuyi
Submit #628659: itsourcecode Online Tour and Travel Management System V1.0 SQL injection [Accepted]
9 months ago
Submit #628659 / VDB-319978
zhuyi
Submit #628658: itsourcecode Online Tour and Travel Management System V1.0 SQL injection [Accepted]
9 months ago
Submit #628658 / VDB-319977
zhuyi
GitLab security advisory (AV25-507)
9 months ago
Canadian Centre for Cyber Security
CVE-2025-8979 | Tenda AC15 15.13.07.13 Firmware Update check_fw_type/split_fireware/check_fw data authenticity
9 months ago
A vulnerability was found in Tenda AC15 15.13.07.13. It has been declared as critical. Affected by this vulnerability is the function check_fw_type/split_fireware/check_fw of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity.
This vulnerability is known as CVE-2025-8979. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #628606: Tenda G1 V16.01.7.8(3660) CWE-287 Improper Authentication [Duplicate]
9 months ago
Submit #628606 / VDB-319976
IOT_Res
Submit #628605: Tenda G1 V16.01.7.8(3660) CWE-327 Use of a Broken or Risky Cryptographic Algorithm [Accepted]
9 months ago
Submit #628605 / VDB-319976
IOT_Res
Submit #628603: Tenda AC15 V15.13.07.13 CWE-20 Improper Input Validation [Duplicate]
9 months ago
Submit #628603 / VDB-319975
IOT_Res