2 matches found
CVE-2025-40885
A SQL Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SELECT SQL statements on the DBMS used by the web application, potentially exposing unauthorized da...
LocatePC 1.05 (Ligatt Version + Others) - SQL Injection
LocatePC 1.05 Ligatt Version + Others - SQL Injection Affected Software: LocatePC 1.05 Consequences: Arbitrary SELECT queries against the LocatePC and "mysql" database. The LocatePC database contains enough information to stalk all users of the software. It may be possible to instruct the softwar...