Simple Cold Storage Management System SQL注入漏洞

Simple Cold Storage Management System is a web-based application used as a cold storage business website to provide their customers or potential customers with an easy-to-access platform to learn about their company. A SQL injection vulnerability exists in Simple Cold Storage Management System...

Food Ordering Management System SQL Injection Vulnerability

Food Ordering Management System is a food ordering management system from Carlo Montero's personal developer. The Food Ordering Management System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements by username, and can be exploited by attackers...

Advantech iView SQL Injection Vulnerability

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B+B SmartWorx devices. An SQL injection vulnerability exists in Advantech iView version 5.7.04.6469, which stems from a flaw in its ConfigurationServlet endpoint that can be exploited by an attacker t...

Strapi SQL Injection Vulnerability

Strapi is an open source content management system CMS. versions of Strapi prior to 3.6.10 and 4.0.0 and later, and prior to 4.1.10, contain a SQL injection vulnerability that stems from its incorrect handling of hidden attributes in admin API responses. An attacker could exploit the vulnerabilit...

EyesOfNetwork SQL Injection Vulnerability

EyesOfNetwork EON is an open source, free IT monitoring solution from the EyesOfNetwork community. The solution provides features such as a business process configuration tool, generating pop-up windows when events occur in the active queue, and more. EyesOfNetwork EON 5.3.11 and prior versions...

Online Tours

Online Tours & Travels Management System is an online travel management system developed by Mayuri K. A SQL injection vulnerability exists in Online Tours & Travels Management System v1.0, which originates from /admin/update The id parameter of traveller.php lacks validation for external input SQ...

Wedding Planner package_detail.php SQL Injection Vulnerability

Wedding Planner is a wedding planner program. Designed to provide users with an easy way to plan their wedding through a web application while using real data. Wedding Planner v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of the id parameter in...

Online Leave Management System Master.php?f=delete_leave_type SQL Injection Vulnerability

Online Leave Management System is an online leave management system. SQL injection vulnerability exists in Online Leave Management System v1.0, which originates from /leavesystem/classes/Master.php?f=delete leavetype lacks validation for external input SQL statements. An attacker could use this...

Online Leave Management System SQL Injection Vulnerability

Online Leave Management System is an online leave management system. SQL injection vulnerability exists in Online Leave Management System v1.0, which originates in /leavesystem/classes/Master.php?f=delete application lacks validation of externally entered SQL statements. An attacker could use thi...

Online Pet Shop We App Master.php?f=delete_order SQL Injection Vulnerability

Online Pet Shop We App is an online pet store web application by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Online Pet Shop We App version 1.0, which originates from a lack of validation of externally entered SQL statements in the...

Rails 代码问题漏洞

Rails is a set of open source web application frameworks based on the Ruby language by the American Rails team. Rails has a security vulnerability that stems from the fact that when serialized columns using YAML the default are deserialized, Rails uses YAML.unsafeload to transform the YAML data...

Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11174)

Ingredients Stock Management System is an ingredient stock management system from Carlo Montero's personal developer. v1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /admin/?page= reports/stockout&month= is missing validation of external...

Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11175)

Ingredients Stock Management System is an ingredient stock management system from Carlo Montero's personal developer. v1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the month parameter of...

Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11176)

Ingredients Stock Management System is an ingredient stock management system from Carlo Montero's personal developer. v1.0 of Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /admin/?page= user/manageuser&id= is missing validation for external input SQ...

CVE-2022-22897

A SQL injection vulnerability in the productalloneimg and imageproduct parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data...

The vulnerability of the TeamPass password manager, related to security configuration errors, allows a hacker to access information from the database.

The vulnerability of the TeamPass password manager is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain information from the database...

Pharmacy Management System getproductreport.php SQL Injection Vulnerability

Pharmacy Management System MPMS is a multilingual pharmacy management system from the personal developer Mayuri K. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from the getproductreport.php startDate parameter in getproductreport.php lacks validation for...

Pharmacy Management System getsalereport.php SQL Injection Vulnerability

Pharmacy Management System MPMS is a multi-lingual pharmacy management system by Mayuri K. Personal developer. version v1.0 of Pharmacy Management System is vulnerable to SQL injection, which stems from the startDate parameter in getsalereport.php parameter in getsalereport.php lacks validation f...

Pharmacy Management System getOrderReport.php SQL Injection Vulnerability

Pharmacy Management System MPMS is a multilingual pharmacy management system from the personal developer Mayuri K. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from the getOrderReport.php startDate parameter in getOrderReport.php lacks validation for extern...

Pharmacy Management System edituser.php SQL Injection Vulnerability

Pharmacy Management System MPMS is a multilingual pharmacy management system from the personal developer Mayuri K. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from a lack of validation of external input SQL in the id parameter of edituser.php statements. A...