Lucene search
K

1140 matches found

CNVD
CNVD
added 2022/06/20 12:0 a.m.118 views

Fast Food Ordering System SQL Injection Vulnerability (CNVD-2022-48947)

Fast Food Ordering System, a fast food ordering system from Carlo Montero's personal developer, is vulnerable to a SQL injection vulnerability in version 1.0 of Fast Food Ordering System, which originates in /ffos/classes/Master.php?f=delete category page lacks validation of externally entered SQ...

7.2CVSS4.7AI score0.00909EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/20 12:0 a.m.112 views

Fast Food Ordering System SQL Injection Vulnerability (CNVD-2022-48946)

Fast Food Ordering System is a fast food ordering system from Carlo Montero's personal developer. version 1.0 of Fast Food Ordering System is vulnerable to SQL injection, which originates from /ffos/admin/menus/managemenu.php?id= The page lacks validation for external input SQL statements, which...

7.2CVSS4.9AI score0.00909EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/20 12:0 a.m.24 views

Online Fire Reporting System SQL Injection Vulnerability (CNVD-2022-55737)

Online Fire Reporting System is an online fire reporting system from Carlo Montero's personal developer. version v1.0 of Online Fire Reporting System is vulnerable to SQL injection, which stems from a GET parameter in /report/list.php that lacks validation for external The vulnerability is caused...

6.5CVSS4.1AI score0.00891EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/20 12:0 a.m.16 views

Sourcecodester Hospital Patient Records Management System SQL注入漏洞(CNVD-2022-48751)

Sourcecodester Hospital Patient Records Management System is a web-based application that provides hospitals with an automated platform to store and manage their patient records. Management System is vulnerable to a SQL injection vulnerability that originates in the...

7.2CVSS2AI score0.00909EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/20 12:0 a.m.23 views

Directory Management System SQL Injection Vulnerability

Directory Management System is a directory management system. A SQL injection vulnerability exists in Directory Management System v1.0, which stems from a lack of validation of the fullname parameter in add-directory.php against an externally-entered SQL statement. An attacker can exploit this...

9.8CVSS9.9AI score0.01888EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/06/17 12:0 a.m.2 views

Online Ordering System SQL注入漏洞

Online Ordering System is a multi-store ordering system that can be used by any small business.Online Ordering System version v2.3.2 is vulnerable to SQL injection, which originates from /ordering/index.php?q=category&search=Lack of validation of external input SQL statement validation, an attack...

9.8CVSS6AI score0.01026EPSS
Exploits1References2
CNVD
CNVD
added 2022/06/17 12:0 a.m.18 views

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68956)

Advanced School Management System, a school management system by Angel Jude Reyes Suarez, is a SQL injection vulnerability in version v1.0 of Advanced School Management System, which originates from /school/model/ getclassroom.php?id=The page lacks validation for external input SQL statements,...

6.5CVSS2.9AI score0.00909EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/06/17 12:0 a.m.21 views

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68955)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getadminprofile.php?myindex=The page lacks validation for external input SQL...

6.5CVSS2.6AI score0.00909EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/06/17 12:0 a.m.17 views

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68960)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getgrade.php?id=The page lacks validation for external SQL statements, which could b...

6.5CVSS2.5AI score0.00909EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/06/17 12:0 a.m.22 views

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68954)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getteacher.php?id=The page lacks validation for external input SQL statements, which...

6.5CVSS2.6AI score0.00909EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/06/17 12:0 a.m.24 views

kkcms SQL Injection Vulnerability

kkcms is an open source video capture and playback system. The system is mainly used to automatically capture video resources and provide online playback. kkcms v1.3.7 version has a SQL injection vulnerability, the vulnerability originates from /template/wapian/vlist.php does not filter the...

9.8CVSS3.8AI score0.01068EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/17 12:0 a.m.15 views

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68957)

Advanced School Management System, a school management system by Angel Jude Reyes Suarez, a personal developer, has a SQL injection vulnerability in version v1.0, which originates in /school/model/ getevents.php?eventid=The page lacks validation for external input SQL statements, which could be...

6.5CVSS4.4AI score0.00909EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/06/17 12:0 a.m.38 views

Web Based Quiz System SQL注入漏洞

Web Based Quiz System is an application used for a simple online based project. Web Based Quiz System v1.0 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the eid parameter of welcome.php. An attacker could use this vulnerability to...

8.8CVSS2.7AI score0.0102EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/17 12:0 a.m.13 views

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68958)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getexam.php?id=The page lacks validation for external input SQL statements, which ca...

6.5CVSS2.6AI score0.00909EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/06/17 12:0 a.m.25 views

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68965)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /gettimetable.php?id=The page lacks validation for external SQL statements, which cou...

6.5CVSS2.5AI score0.00909EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/06/17 12:0 a.m.18 views

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68963)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getsubjectrouting.php?id=The page lacks validation for external input SQL statements...

6.5CVSS2.6AI score0.00909EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/06/17 12:0 a.m.24 views

YouDianCMS SQL Injection Vulnerability (CNVD-2022-59019)

YouDianCMS is a website CMS. A SQL injection vulnerability exists in YouDianCMS v9.5.0, which originates from the lack of validation of the IdList parameter at /App/Lib/Action/Home/ApiAction.class.php against external SQL input. This vulnerability can be exploited to execute illegal SQL commands ...

9.8CVSS9.9AI score0.01026EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/17 12:0 a.m.18 views

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68964)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getteacherprofile.php?myindex=The page lacks validation for external input SQL...

6.5CVSS2.6AI score0.00909EPSS
Exploits1Affected Software1
OSV
OSV
added 2022/06/15 4:15 p.m.1 views

CVE-2021-41672

PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user that belongs to the administrator group can inject a malicious SQL query in order to affect the execution logic of the application and retrive information from the database...

6.5CVSS5.9AI score0.0139EPSS
Exploits1References2
CNVD
CNVD
added 2022/06/15 12:0 a.m.24 views

Amodat Mobile Application Gateway SQL Injection Vulnerability

Amodat Mobile Application Gateway, a mobile application gateway from Amodat Israel, is vulnerable to a SQL injection vulnerability in versions prior to 7.12.00.09, which stems from a lack of validation of external input by agentid SQL statement validation. An attacker could use this vulnerability...

7.2CVSS3.7AI score0.00418EPSS
Exploits0References1
Rows per page
Query Builder