CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1875 – SQL injection vulnerability in 101news
https://notcve.org/view.php?id=CVE-2025-1875
03 Mar 2025 — SQL injection vulnerability have been found in 101news affecting version 1.0 through the "searchtitle" parameter in search.php. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1874 – SQL injection vulnerability in 101news
https://notcve.org/view.php?id=CVE-2025-1874
03 Mar 2025 — SQL injection vulnerability have been found in 101news affecting version 1.0 through the "description" parameter in admin/add-category.php. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1873 – SQL injection vulnerability in 101news
https://notcve.org/view.php?id=CVE-2025-1873
03 Mar 2025 — SQL injection vulnerability have been found in 101news affecting version 1.0 through the "pagetitle" and "pagedescription" parameters in admin/contactus.php. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1872 – SQL injection vulnerability in 101news
https://notcve.org/view.php?id=CVE-2025-1872
03 Mar 2025 — SQL injection vulnerability have been found in 101news affecting version 1.0 through the "sadminusername" parameter in admin/add-subadmins.php. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1871 – SQL injection vulnerability in 101news
https://notcve.org/view.php?id=CVE-2025-1871
03 Mar 2025 — SQL injection vulnerability have been found in 101news affecting version 1.0 through the "category" and "subcategory" parameters in admin/add-subcategory.php. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1870 – SQL injection vulnerability in 101news
https://notcve.org/view.php?id=CVE-2025-1870
03 Mar 2025 — SQL injection vulnerability have been found in 101news affecting version 1.0 through the "pagedescription" parameter in admin/aboutus.php. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1869 – SQL injection vulnerability in 101news
https://notcve.org/view.php?id=CVE-2025-1869
03 Mar 2025 — SQL injection vulnerability have been found in 101news affecting version 1.0 through the "username" parameter in admin/check_avalability.php. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-1167 – Mayuri K Employee Management System Update_User.php sql injection
https://notcve.org/view.php?id=CVE-2025-1167
11 Feb 2025 — A vulnerability was found in Mayuri K Employee Management System up to 192.168.70.3 and classified as critical. Affected by this issue is some unknown functionality of the file /hr_soft/admin/Update_User.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.295070 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6898 – SourceCodester Best Courier Management System manage_user.php sql injection
https://notcve.org/view.php?id=CVE-2023-6898
17 Dec 2023 — A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248256. • https://github.com/Glunko/gaatitrack-courier-management-system_vulnerability/blob/main/sql_injection.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5273 – SourceCodester Best Courier Management System manage_parcel_status.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-5273
29 Sep 2023 — A vulnerability classified as problematic was found in SourceCodester Best Courier Management System 1.0. This vulnerability affects unknown code of the file manage_parcel_status.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Best%20courier%20management%20system/Best%20courier%20management%20system%20project%20in%20php%20-%20vuln%206.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •