HealthNode Hospital Management System 安全漏洞

HealthNode Hospital Management System is a hospital management system. The system includes functions such as patient information management, ward management, surgery schedule management and financial management. Hospital Management System suffers from an SQL injection vulnerability, which...

CVE-2021-45334

Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can bypass admin authentication and gain access to admin panel using SQL Injection...

Ed01-Cms SQL注入漏洞

ED01-CMS is a content management system. ED01-CMS 1.0 is vulnerable to SQL injection, which can be exploited by attackers to perform SQL injection in the cposts.php component via the cid parameter...

CVE-2021-40814

The Customer Photo Gallery addon before 2.9.4 for PrestaShop is vulnerable to SQL injection...

Puppet SQL注入漏洞

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the United States, which can be used to manage profiles, users, cron tasks, packages, system services, and more. A SQL injection vulnerability exists in Puppet DB that stems from a flaw...

Sourcecodester Pisay Online E-Learning System SQL注入漏洞

Sourcecodester Pisay Online E-Learning System is an online e-learning system based on PHP and MySQL. Sourcecodester Pisay Online E-Learning System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in a database-based...

SQL Injection Vulnerability in Stone Technology Online Exam System

Stone Technology Online Exam System is a php/mysql based exam management system. Stone Technology Online Exam System suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in Microcontrol Smart Cafeteria Management System of Shenzhen Microcontrol One Finger Technology Co.

Shenzhen Micro-control One Finger Technology is a value-integrated enterprise that aspires to biometrics technology research as well as applied product development, production, consulting, sales and service. Shenzhen Micro-control One Finger Technology Co., Ltd Micro-control Smart Cafeteria...

CVE-2017-12759

Ynet Interactive - http://demo.ynetinteractive.com/soa/ SOA School Management 3.0 is affected by: SQL Injection. The impact is: Code execution remote...

SQL Injection Vulnerability in Interview Module of State Micro CMS School Crowd System

State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS school station group system interview module SQL injection vulnerability. Attackers can use the vulnerability to obtain...

CVE-2018-5443

A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.220170817. WebAccess/SCADA does not properly sanitize its inputs for SQL commands...

PHPSUGAR PHP Melody SQL Injection Vulnerability (CNVD-2018-03163)

PHPSUGAR PHP Melody is a PHP-based content management system for video websites. A SQL injection vulnerability exists in PHPSUGAR PHP Melody. A remote attacker can exploit this vulnerability to execute SQL commands...

Multiple vulnerabilities in SEO Panel

Overview SEO Panel provided by SEO Panel contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2017-10838 SQL injection CWE-89 - CVE-2017-10839 ASAI Ken reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warnin...

IBM Kenexa LCMS Premier on Cloud SQL Injection Vulnerability (CNVD-2017-02717)

IBM Kenexa LCMS Premier on Cloud is an adjustable Learning Content Management System LCMS for developing, maintaining, and delivering effective employee training from IBM USA. IBM Kenexa LCMS Premier on Cloud suffers from a SQL injection vulnerability that could allow a remote attacker to view,...

SQL Injection Vulnerability in type=Detail&FileId Parameter of Penta Digital Campus System

Penta Digital Campus System is using the technology platform of .NET+SqlServer. A SQL injection vulnerability exists in the /BG/GRBG/FileManage/FileUPload.aspx page of Pangda Digital Campus System. The lack of filtering of the 'id' parameter allows an attacker to exploit the vulnerability to obta...

CVE-2016-1000116

Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS...

Multiple Cross-Site Request Forgery Vulnerabilities in osCMax

osCMax is a PHP-based open source e-commerce system/shopping cart application that supports multi-language, SSL-secured transactions, multiple payment methods, regional shipping conversion, printing invoices and more. Multiple cross-site request forgery vulnerabilities exist in versions of osCMax...

McAfee Data Loss Prevention Endpoint SQL Injection Vulnerability

McAfee Network Data Loss Prevention monitors network traffic and protects against data loss. A SQL injection vulnerability exists in McAfee Data Loss Prevention Endpoint, which could be exploited by an attacker to execute arbitrary SQL commands...