6.9
CVE-2025-11108 - code-projects Simple Scheduling System addroom.php sql injection
A vulnerability was determined in code-projects Simple Scheduling System 1.0. Impacted is an unknown function of the file /schedulingsystem/addroom.php. Executing manipulation of the argument room can lead to sql injection. The attack may be performed from remote. The exploit has been publicly discβ¦
6.9
CVE-2025-11107 - code-projects Simple Scheduling System addcourse.php sql injection
A vulnerability was found in code-projects Simple Scheduling System 1.0. This issue affects some unknown processing of the file /schedulingsystem/addcourse.php. Performing manipulation of the argument corcode results in sql injection. The attack is possible to be carried out remotely. The exploit hβ¦
6.9
CVE-2025-11106 - code-projects Simple Scheduling System addfaculty.php sql injection
A vulnerability has been found in code-projects Simple Scheduling System 1.0. This vulnerability affects unknown code of the file /schedulingsystem/addfaculty.php. Such manipulation of the argument falname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed tβ¦
6.9
CVE-2025-11105 - code-projects Simple Scheduling System addsubject.php sql injection
A flaw has been found in code-projects Simple Scheduling System 1.0. This affects an unknown part of the file /schedulingsystem/addsubject.php. This manipulation of the argument subcode causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be usβ¦
5.3
CVE-2025-11104 - CodeAstro Electricity Billing System bill.php sql injection
A vulnerability was detected in CodeAstro Electricity Billing System 1.0. Affected by this issue is some unknown functionality of the file /admin/bill.php. The manipulation of the argument uid results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.
5.1
CVE-2025-11103 - Projectworlds Online Tours and Travels change-image.php unrestricted upload
A security vulnerability has been detected in Projectworlds Online Tours and Travels 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/change-image.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack may be initiated remotely.β¦
6.9
CVE-2025-11102 - Campcodes Online Learning Management System edit_content.php sql injection
A weakness has been identified in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /admin/edit_content.php. Executing manipulation of the argument Title can lead to sql injection. The attack can be launched remotely. The exploit has been made available toβ¦
6.9
CVE-2025-11101 - itsourcecode Open Source Job Portal index.php sql injection
A security flaw has been discovered in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/company/index.php?view=edit. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been β¦
5.3
CVE-2025-11100 - D-Link DIR-823X set_wifi_blacklists uci_set command injection
A vulnerability was identified in D-Link DIR-823X 250416. This affects the function uci_set of the file /goform/set_wifi_blacklists. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
5.3
CVE-2025-11099 - D-Link DIR-823X delete_prohibiting uci_del command injection
A vulnerability was determined in D-Link DIR-823X 250416. The impacted element is the function uci_del of the file /goform/delete_prohibiting. This manipulation of the argument delvalue causes command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosedβ¦