
723 matches found

CNNVD
added 2025/04/02 12:0 a.m. · 3 views

SourceCodester Online Tutor Portal Injection Vulnerability

SourceCodester Online Tutor Portal is a SourceCodester open source online tutor portal. An injection vulnerability exists in SourceCodester Online Tutor Portal version 1.0, which stems from the fact that incorrect manipulation of a parameter ID can lead to SQL injection...

9.8 CVSS · 7.1 AI score · 0.00424 EPSS
Exploits: 1 · References: 6
CNNVD
added 2025/04/02 12:0 a.m. · 2 views

vipshop Saturn SQL Injection Vulnerability

vipshop Saturn is a platform from the Chinese company Vipshop that provides distributed, fault-tolerant, and highly available job scheduling services. A security vulnerability exists in vipshop Saturn 3.5.1 and earlier versions, which stems from a SQL injection in the zkClusterKey component...

9.8 CVSS · 8.3 AI score · 0.27244 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2025/04/01 12:0 a.m. · 2 views

PT-2025-14380 · Unknown · Clinic's Patient Management System

Name of the Vulnerable Software and Affected Versions: Clinic’s Patient Management System version 2.0 Description: The issue is related to a SQL injection vulnerability in the login page. Recommendations: For Clinic’s Patient Management System version 2.0, update to a version that fixes the SQL...

9.3 CVSS · 9 AI score · 0.02495 EPSS
Exploits: 4 · References: 6
CNNVD
added 2025/03/31 12:0 a.m. · 2 views

PHPGurukul e-Diary Management System Security Vulnerability

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the Category parameter of the edit-category.php?id=8 file. An attacker ca...

9.8 CVSS · 8.2 AI score · 0.00438 EPSS
Exploits: 1 · References: 1
CNNVD
added 2025/03/28 12:0 a.m. · 1 views

WordPress plugin Advanced Google reCAPTCHA SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress...

5.3 CVSS · 8.8 AI score · 0.00341 EPSS
Exploits: 0 · References: 9
CNNVD
added 2025/03/23 12:0 a.m. · 1 views

PHPGurukul Art Gallery Management System Injection Vulnerability

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search of /search.php. An attacker can exploit this...

9.8 CVSS · 8.2 AI score · 0.00435 EPSS
Exploits: 1 · References: 5
OSV
added 2025/03/15 7:15 a.m. · 2 views

CVE-2019-25222

The Thumbnail carousel slider plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

4.9 CVSS · 5.8 AI score
Exploits: 0 · References: 4
CNNVD
added 2025/03/14 12:0 a.m. · 1 views

LogicalDOC SQL Injection Vulnerability

LogicalDOC is a document management system developed in Java by the US company LogicalDOC. The system has features such as Lucene full-text search indexing and automatic import. A security vulnerability exists in LogicalDOC that originates from a blind SQL injection,...

8.7 CVSS · 7.7 AI score · 0.00349 EPSS
Exploits: 0 · References: 3
CNVD
added 2025/03/12 12:0 a.m. · 2 views

Apartment Visitors Management System contactno Parameter SQL Injection Vulnerability

Apartment Visitors Management System is an apartment visitor management system. The Apartment Visitors Management System suffers from a SQL injection vulnerability that stems from a lack of validation of the contactno parameter against externally entered SQL statements. An attacker can use this...

8.8 CVSS · 7.2 AI score · 0.00397 EPSS
Exploits: 1 · References: 1
CNVD
added 2025/03/07 12:0 a.m. · 1 views

Online Shopping Portal product-details.php file SQL Injection Vulnerability

Online Shopping Portal is an online store. Online Shopping Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the product-details.php file. An attacker can exploit this vulnerability to execute illegal SQL commands to ste...

8.8 CVSS · 7.1 AI score · 0.00451 EPSS
Exploits: 1 · References: 1
CNNVD
added 2025/02/19 12:0 a.m. · 1 views

WordPress plugin Pollin SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

4.9 CVSS · 9.3 AI score · 0.00483 EPSS
Exploits: 0 · References: 2
CNNVD
added 2025/02/16 12:0 a.m. · 2 views

Library Card System Injection Vulnerability

Library Card System is a library management system. A SQL injection vulnerability exists in Library Card System version 1.0, which originates from a lack of validation of the id parameter of the card.php file against externally entered SQL statements. An attacker can use this vulnerability to...

7.5 CVSS · 8.2 AI score · 0.00402 EPSS
Exploits: 1 · References: 6
CNNVD
added 2025/02/03 12:0 a.m. · 2 views

WeGIA SQL Injection Vulnerability

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. An SQL injection vulnerability exists in WeGIA 3.2.11 and prior versions that originates from allowing an authorized attacker to execute arbitrary SQL queries that could allow access to or delete sensitiv...

10 CVSS · 8 AI score · 0.00523 EPSS
Exploits: 1 · References: 1
OSV
added 2025/01/31 10:15 p.m. · 1 views

CVE-2024-53357

Multiple SQL injection vulnerabilities in EasyVirt DCScope = 8.6.0 and CO2Scope = 1.3.0 allow remote authenticated attackers, with low privileges, to 1 add an admin user via the /api/user/addalias route; 2 modify a user via the /api/user/updatealias route; 4 delete users via the /api/user/delali...

7.5 CVSS · 5.9 AI score · 0.00472 EPSS
Exploits: 1 · References: 1
CNNVD
added 2025/01/23 12:0 a.m. · 2 views

Centreon SQL Injection Vulnerability

Centreon is a set of open source system monitoring tools from the French company Centreon. The product provides monitoring capabilities for resources such as networks, systems and applications. A security vulnerability exists in versions of Centreon Web prior to 24.10.3, which originates from an...

9.1 CVSS · 7.5 AI score · 0.00398 EPSS
Exploits: 0 · References: 4
CNNVD
added 2025/01/20 12:0 a.m. · 2 views

WeGIA SQL Injection Vulnerability

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A SQL injection vulnerability exists in WeGIA versions prior to 3.2.9. An attacker can exploit this vulnerability to execute arbitrary SQL commands in the database to access sensitive information...

10 CVSS · 8.1 AI score · 0.00555 EPSS
Exploits: 1 · References: 3
CNNVD
added 2024/12/31 12:0 a.m. · 2 views

WordPress plugin WPLMS SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin WPL...

9.8 CVSS · 9.1 AI score · 0.00676 EPSS
Exploits: 0 · References: 1
CNNVD
added 2024/12/30 12:0 a.m. · 1 views

InfotelGLPI tasklists SQL Injection Vulnerability

InfotelGLPI tasklists is an InfotelGLPI plugin for use in GLPI, an open source helpdesk and asset tracking system that provides task management and Kanban functionality. An SQL injection vulnerability exists in InfotelGLPI tasklists versions prior to 2.0.4, which stems from the presence of a blin...

9.8 CVSS · 7.6 AI score · 0.00694 EPSS
Exploits: 0 · References: 2
CNNVD
added 2024/12/26 12:0 a.m. · 2 views

1000 Projects Daily College Class Work Report Book Injection Vulnerability

1000 Projects Daily College Class Work Report Book is an open source college class work report book by 1000 Projects. An injection vulnerability exists in version 1.0 of 1000 Projects Daily College Class Work Report Book, which stems from the user parameter in the /login.php file that can cause S...

9.8 CVSS · 8 AI score · 0.00493 EPSS
Exploits: 1 · References: 5
CNNVD
added 2024/12/26 12:0 a.m. · 0 views

CodeAstro House Rental Management System Injection Vulnerability

CodeAstro House Rental Management System is a house rental management system from CodeAstro. An injection vulnerability exists in CodeAstro House Rental Management System version 1.0, which stems from an incorrect manipulation of the parameter u/p that can lead to SQL injection...

9.8 CVSS · 7.9 AI score · 0.00636 EPSS
Exploits: 1 · References: 5