#php

School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125

School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:126.

Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php.

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.php.

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php.

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php.

elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=.

Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php.

An insecure direct object reference (IDOR) in Online Market Place Site v1.0 allows attackers to modify products that are owned by other sellers.

A cross-site scripting (XSS) vulnerability in /omps/seller of Online Market Place Site v1.0 allows attackers to execute arbitrary web cripts or HTML via a crafted payload injected into the Page parameter.