6.9
CVE-2025-11063 - Campcodes Online Learning Management System edit_department.php sql injection
A vulnerability was identified in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /admin/edit_department.php. The manipulation of the argument d leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly avβ¦
6.9
CVE-2025-11062 - Campcodes Online Learning Management System save_student.php sql injection
A vulnerability was determined in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/save_student.php. Executing manipulation of the argument class_id can lead to sql injection. The attack may be performed from remote. The exploit has been puβ¦
6.9
CVE-2025-11061 - Campcodes Online Learning Management System edit_student.php sql injection
A vulnerability was found in Campcodes Online Learning Management System 1.0. This affects an unknown part of the file /admin/edit_student.php. Performing manipulation of the argument cys results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public aβ¦
6.9
CVE-2025-11057 - SourceCodester Pet Grooming Management Software print_inv.php sql injection
A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/print_inv.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been discloβ¦
5.3
CVE-2025-11056 - ProjectsAndPrograms School Management System select-students.php sql injection
A flaw has been found in ProjectsAndPrograms School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file owner_panel/fetch-data/select-students.php. This manipulation of the argument select causes sql injection. Remote exploitation of the attack is possible.β¦
6.9
CVE-2025-11055 - SourceCodester Online Hotel Reservation System updateaddress.php sql injection
A vulnerability was detected in SourceCodester Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/updateaddress.php. The manipulation of the argument address results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.
5.3
CVE-2025-11054 - itsourcecode Open Source Job Portal index.php sql injection
A security vulnerability has been detected in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/category/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been dβ¦
6.9
CVE-2025-11053 - PHPGurukul Small CRM forgot-password.php sql injection
A weakness has been identified in PHPGurukul Small CRM 4.0. This affects an unknown function of the file /forgot-password.php. Executing manipulation of the argument email can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be β¦
6.9
CVE-2025-11052 - kidaze CourseSelectionSystem COUNT3s5.php sql injection
A security flaw has been discovered in kidaze CourseSelectionSystem 1.0/5.php. The impacted element is an unknown function of the file /Profilers/PriProfile/COUNT3s5.php. Performing manipulation of the argument csslc results in sql injection. The attack can be initiated remotely. The exploit has beβ¦
4.3
CVE-2025-9893 - VM Menu Reorder plugin <= 1.0.0 - Cross-Site Request Forgery to Settings Update
The VM Menu Reorder plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the vm_set_to_default function. This makes it possible for unauthenticated attackers to reset all menu reoβ¦