郑翔(zhengxiang)

4 exploits Active since Sep 2025
CVE-2025-10621 WRITEUP HIGH WRITEUP
SourceCodester Hotel Reservation System 1.0 - SQL Injection via editroomimage.php ID Parameter
A vulnerability was determined in SourceCodester Hotel Reservation System 1.0. The affected element is an unknown function of the file editroomimage.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
CVSS 7.3
CVE-2025-10623 WRITEUP HIGH WRITEUP
SourceCodester Hotel Reservation System 1.0 - SQL Injection via deleteuser.php ID Parameter
A vulnerability was identified in SourceCodester Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteuser.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
CVSS 7.3
CVE-2025-11036 WRITEUP HIGH WRITEUP
code-projects E-Commerce Website 1.0 - SQL Injection
A vulnerability was identified in code-projects E-Commerce Website 1.0. This affects an unknown function of the file /pages/admin_account_update.php. Such manipulation of the argument user_id leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.
CVSS 7.3
CVE-2025-11037 WRITEUP HIGH WRITEUP
Code-projects E-Commerce Website 1.0 - SQL Injection
A security flaw has been discovered in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/admin_index_search.php. Performing manipulation of the argument Search results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.
CVSS 7.3