Shuvo Ahmed Sanin - Security Researcher - Exploit Intelligence Platform

CVE-2025-11481 WRITEUP MEDIUM WRITEUP

Varunsardana004 Blood Bank And Donation Management System - Injection

A flaw has been found in varunsardana004 Blood-Bank-And-Donation-Management-System up to dc9e0393d826fbc85fad9755b5bc12cba1919df2. The impacted element is an unknown function of the file /donate_blood.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed.

CVSS 6.3

View Code

CVE-2025-12332 WRITEUP LOW WRITEUP

Remyandrade Student Grades Management System - Code Injection

A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function delete_user of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used.

CVSS 2.4

View Code

CVE-2025-63442 WRITEUP MEDIUM WRITEUP

Simple User Management System with PHP-MySQL v1.0 - XSS

Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting (XSS) via the Profile Section. The system fails to properly sanitize user input, allowing attackers to inject and execute arbitrary JavaScript when the input is displayed in the browser

CVSS 4.6

View Code

CVE-2025-63443 WRITEUP MEDIUM WRITEUP

School Management System PHP v1.0 - XSS

School Management System PHP v1.0 is vulnerable to Cross Site Scripting (XSS) in /login.php via the password parameter.

CVSS 5.4

View Code

CVE-2025-63446 WRITEUP MEDIUM WRITEUP

Water Management System v1.0 - XSS

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_vendor.php.

CVSS 6.1

View Code

CVE-2025-63447 WRITEUP MEDIUM WRITEUP

Water Management System v1.0 - XSS

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_customer.php.

CVSS 6.1

View Code

CVE-2025-63448 WRITEUP MEDIUM WRITEUP

Water Management System v1.0 - XSS

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edit_product.php?id=1.

CVSS 6.1

View Code

CVE-2025-63449 WRITEUP MEDIUM WRITEUP

Water Management System v1.0 - XSS

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /orders.php.

CVSS 5.4

View Code

CVE-2025-63450 WRITEUP MEDIUM WRITEUP

Car-Booking-System-PHP <1.0 - XSS

Car-Booking-System-PHP v.1.0 is vulnerable to Cross Site Scripting (XSS) in /carlux/booking.php.

CVSS 5.4

View Code

CVE-2025-63451 WRITEUP CRITICAL WRITEUP

Car-Booking-System-PHP v.1.0 - SQL Injection

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php.

CVSS 9.8

View Code

CVE-2025-63452 WRITEUP CRITICAL WRITEUP

Car-Booking-System-PHP <1.0 - SQL Injection

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/forgot-pass.php.

CVSS 9.4

View Code

CVE-2025-63453 WRITEUP CRITICAL WRITEUP

Car-Booking-System-PHP v.1.0 - SQL Injection

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php.

CVSS 9.8

View Code