178 matches found
Library Management System Security Vulnerability
Library Management System is a library management system with QR code for attendance and automatic generation of library card by King Albaracin Personal Developer. A security vulnerability exists in Senayan Library Management Systems 9 Bulian v9.6.1, which stems from vulnerability to SQL injectio...
CVE-2023-5423
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=confirmorder. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely...
CVE-2023-34476
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability allows SQL Injection...
PT-2023-25734 · Unknown · Bylancer Quickjob
Name of the Vulnerable Software and Affected Versions: Bylancer QuickJob version 6.1 Description: A critical vulnerability has been found in the component GET Parameter Handler. The manipulation of the keywords/gender argument leads to sql injection. It is possible to launch the attack remotely...
CVE-2023-3062
A vulnerability was found in code-projects Agro-School Management System 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument password leads to sql injection. It is possible to launch the attack remotely. The identifier o...
PT-2023-22877 · Unknown · Campcodes Retro Cellphone Online Store
Name of the Vulnerable Software and Affected Versions: Campcodes Retro Cellphone Online Store version 1.0 Description: A critical vulnerability has been found in the software. The issue is related to an unknown function of the file /admin/modal add product.php, where the manipulation of the...
PT-2023-20867 · Unknown · Sourcecodester Online Exam System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Exam System version 1.0 Description: A critical issue has been found in the SourceCodester Online Exam System, affecting the POST Parameter Handler component in the /kelas/data file. The manipulation of the columns1data...
Campcodes Coffee Shop POS System SQL Injection Vulnerability
Campcodes Coffee Shop POS System is a coffee shop POS system from Campcodes. Campcodes Coffee Shop POS System v1.0 suffers from a SQL injection vulnerability, which stems from the lack of validation of external SQL input in the parameter id of the file viewproduct.php, which can be exploited by a...
CVE-2023-29622
Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchaseorder/admin/login.php...
PT-2023-20908 · Prestashop · Prestashop Advancedpopupcreator
Name of the Vulnerable Software and Affected Versions: Prestashop advancedpopupcreator versions 1.1.21 through 1.1.24 Description: The issue is related to a SQL injection vulnerability. It affects the component AdvancedPopup::getPopups. Recommendations: For versions 1.1.21 through 1.1.24, conside...
CVE-2023-1253
A vulnerability, which was classified as critical, was found in SourceCodester Health Center Patient Record Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely...
PT-2023-20058 · Unknown · Online Reviewer Management System
Name of the Vulnerable Software and Affected Versions: Online Reviewer Management System version 1.0 Description: An issue was discovered in the Online Reviewer Management System, where a SQL injection can directly issue instructions to the background database system via the "reviewer...
SUSE CVE-2005-3893
Multiple SQL injection vulnerabilities in index.pl in Open Ticket Request System OTRS 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 user parameter in the Login action, and remote authenticated users via the...
CVE-2022-43519
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities...
PT-2022-27729 · Unknown · Helmet Store Showroom
Name of the Vulnerable Software and Affected Versions: Helmet Store Showroom version 1.0 Description: The issue is related to a SQL Injection vulnerability at the Login Page. This vulnerability can be exploited to bypass admin access. Recommendations: For Helmet Store Showroom version 1.0, consid...
JFinal SQL Injection Vulnerability
JFinal is a Java-based WEB + ORM open source framework. JFinal CMS version 5.1.0 has a security vulnerability that stems from a SQL injection vulnerability in /admin/image/list...
WordPress Plugin Website File Changes Monitor SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
CVE-2022-32372
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/getsubject.php?id=...
SyliusGridBundle SQL Injection Vulnerability
SyliusGridBundle is an open source e-commerce solution built from decoupled components with a robust API and the highest quality code. A SQL injection vulnerability exists in SyliusGridBundle versions prior to 1.10.1 and prior to 1.11-rc2, which stems from the fact that values added at the end of ...
Car Driving School Management System SQL Injection Vulnerability
A SQL injection vulnerability exists in Car Driving School Management System, a driving school management system, which stems from the fact that the product login page does not effectively filter special characters in user input data, and can be exploited to execute malicious An attacker can...