WordPress Sync WooCommerce Product feed to Google Shopping plugin SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Sync WooCommerce Product feed to Google Shopping plugin has a SQL injection vulnerability The vulnerability stems from the...

WordPress Title Experiments Free plugin SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Title Experiments Free plugin version 9.0.1 prior to the SQL injection vulnerability, the vulnerability stems from the use o...

Money Transfer Management System SQL Injection Vulnerability

A SQL injection vulnerability exists in Money Transfer Management System version 1.0, a money transfer management system. The vulnerability stems from missing validation of external input SQL statements in the id parameter in admin/maintenance/managebranch.php and admin/maintenance/managefee.php...

Forkcms SQL Injection Vulnerability

forkcms is an open source CMS that uses Symfony components. forkcms is vulnerable to SQL injection, which can be exploited by attackers to tamper with database data...

Slims8 Akasia SQL Injection Vulnerability

Slims8 Akasia is a software of the Slims community in Indonesia. It is used for library resource management e.g. books, journals, digital documents and other library materials and administration.An SQL injection vulnerability exists in Slims8 Akasia version 8.3.1, which stems from missing SQL...

Online Project Time Management System SQL Injection Vulnerability

Online Project Time Management System is a web-based online project time management system that provides an online platform for a company's employees to report/record their assigned time or time spent on each project resubmission. online project time management system A SQL injection vulnerabilit...

WordPress WooCommerce plugin SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. SQL injection vulnerability exists in versions of...

Luocms SQL Injection Vulnerability (CNVD-2022-20130)

Luocms is an article management system. A SQL injection vulnerability exists in Luocms v2.0, which stems from a lack of validation of external input SQL statements in /admin/news/sortok.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data...

WordPress AdRotate Plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress AdRotate Plugin versions prior to 5.8.22. The vulnerability...

WordPress RegistrationMagic Plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress RegistrationMagic Plugin prior to version 5.0.2.2, which ste...

Taocms id parameter SQL injection vulnerability

Taocms is a micro Cms content management system in China. version 3.0.2 of Taocms is vulnerable to SQL injection, which stems from the lack of validation of externally entered SQL statements by the backend parameter id. An attacker can use this vulnerability to execute illegal SQL commands to ste...

Design/Logic Flaw

An issue was discovered in taocms 3.0.2. This is a SQL blind injection that can obtain database data through the Comment Update field...

Sourcecodester Hospital Patient Records Management System SQL注入漏洞（CNVD-2022-48763）

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourcecodester Hospital Patient Record Management System v1.0 is vulnerable to SQL injection. The vulnerability is caus...

CVE-2022-23986

SQL injection vulnerability in the phpUploader v1.2 and earlier allows a remote unauthenticated attacker to obtain the information in the database via unspecified vectors...

BloofoxCms SQL注入漏洞

BloofoxCms is a Php based text content management system. A SQL injection vulnerability exists in BloofoxCms versions 0.5.1 inclusive to 0.5.2.1 inclusive due to the following parameters "URLs,langid,tmplid,modrewrite,etadoctype,metacharset,default group,page group" lacks validation of externally...

Multiple vulnerabilities in phpUploader

Overview phpUploader provided by Dojin Club MICMNIS contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2022-24435 SQL Injection CWE-89 - CVE-2022-23986 Toyama Taku reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information...

WordPress和WordPress plugin SQL注入漏洞

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. A SQL injection vulnerability exists in versions of the WordPress Futurio Extra plugin prior to 1.6.3, which stems from a lack of filtering and escaping of SQL data submitted by users. A highly privileg...

MartDevelopers iResturant SQL Injection Vulnerability (CNVD-2022-91165)

MartDevelopers Iresturant is an open source lightweight restaurant Erp from MartDevelopers Kenya. used to integrate social restaurant operations into one system. a SQL injection vulnerability exists in MartDevelopers iResturant v1.0, which stems from adding this when viewing a reservation view...

pimcore SQL Injection Vulnerability (CNVD-2022-07503)

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce framework and product information management applications. pimcore has a SQL injection vulnerability,...

WordPress RegistrationMagic plugin SQL injection vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.The WordPress RegistrationMagic plugin was vulnerable to SQL injection before 5.0.1.6, which stems from the la...