84 matches found
Smarts Smart Agent interface.php Page SQL Injection Vulnerability
Smarts Smart Agent is a powerful, flexible and scalable tool from Smarts for monitoring wireless network performance and services from the end user's perspective. An SQL injection vulnerability exists in Smarts Smart Agent v1.1.0, which stems from a lack of validation of externally entered SQL...
Smarts Smart Agent 安全漏洞
Smarts Smart Agent is a powerful, flexible and scalable tool from Smarts for monitoring wireless network performance and services from the end user's perspective. An SQL injection vulnerability exists in Smarts Smart Agent v1.1.0, which stems from a lack of validation of externally entered SQL...
Dell Avamar SQL Injection Vulnerability (CNVD-2024-49614)
Dell Avamar is a purpose-built backup application from Dell, Inc. It is designed to provide a conveniently sized, turnkey, affordable, deduplicated backup solution. Dell Avamar suffers from a SQL injection vulnerability that arises from an improper neutralization of special elements used in SQL...
Code-Projects Responsive Hotel Site 注入漏洞
Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter troom of file /admin/room.php. An attacker can exploit this vulnerability to execute...
Code-Projects Inventory Management System 注入漏洞
Inventory Management is an inventory management system. Inventory Management suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the id parameter of the /model/editProduct.php file. An attacker can exploit this vulnerability to...
Mini-Tmall SQL Injection Vulnerability
Mini-Tmall is a Spring Boot-based mini-Tmall mall , fast deployment run , suitable for use as a bijou template . SQL injection vulnerability exists in versions prior to Mini-Tmall v2024.07.03. The vulnerability stems from the application's lack of validation of externally entered SQL statements,...
J2EEFAST SysLoginInfoMapper.xml File SQL Injection Vulnerability
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the SysLoginInfoMapper.xml findPage...
J2EEFAST SysTenantMapper.xml file SQL injection vulnerability
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the SysTenantMapper.xml findPage...
RuvarOA SQL Injection Vulnerability (CNVD-2024-33156)
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by the lack of validation of the projectid parameter in the /ProjectManage/pmgattinc.aspx file against externally entered SQL statements. An attacker can exploi...
J2EEFAST findApplyedTasksPage function SQL injection vulnerability
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2eeFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from BpmTaskMapper.xml...
RuvarOA SQL Injection Vulnerability (CNVD-2024-33147)
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the id parameter of the /AddressBook/addresspublicnew.aspx file that lacks validation of externally entered SQL statements. An attacker can exploit this...
J2EEFAST myProcessList function SQL injection vulnerability
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the myProcessList function of the...
Sentrifugo bunitname parameter SQL injection vulnerability
Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from the lack of validation of...
JFinalCMS SQL Injection Vulnerability (CNVD-2024-15735)
JFinalCMS is a content management system. JFinalCMS version 5.0.0 suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the file /admin/divdata/delete. An attacker can exploit this vulnerability to execute illegal SQL comman...
Scholars Tracking System SQL Injection Vulnerability (CNVD-2024-14047)
Scholars Tracking System is a scholars tracking system by the individual developer Fabian Ros. A SQL injection vulnerability exists in Scholars Tracking System version 1.0, which stems from a lack of validation of externally entered SQL statements when updating employment status information, and...
Art Gallery Management System SQL Injection Vulnerability (CNVD-2024-05631)
Art Gallery Management System is an art gallery management system. Art Gallery Management System v1.1 suffers from a SQL injection vulnerability that originates from the application's lack of validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...
Hospital Management System login.php File SQL Injection Vulnerability
A Hospital Management System HMS is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs effectively. A SQL injection vulnerability exists in Hospital Management System version 1.0, which stems from a lack of validation of externally...
Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13473)
Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in version 1.0 of the Kashipara Food Management System, which is caused by a lack of validation of externally entered SQL statements in the password parameter of the loginCheck.php...
Kashipara Food Management System SQL Injection Vulnerability
Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which originates from a lack of validation of externally entered SQL statements in the id parameter of the addmaterialedit.php file, a...
Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13489)
Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in version 1.0 of the Kashipara Food Management System, which is caused by a lack of validation of externally-entered SQL statements in the itemtype parameter of the stockedit.php fil...