CVE-2022-33060

Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deleteschedule...

CVE-2022-32401

Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manageprivilege.php:4...

74cms SQL注入漏洞

74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from the lack of validation of external input SQL statements in the /freelance/resumelist keyword parameter. An attacker could use this vulnerability to execute...

74cms SQL注入漏洞

74cms is an online recruitment system based on PHP and MySQL by China Xunyi Technology Company. A SQL injection vulnerability exists in 74cmsSE v3.5.1, which originates from the lack of validation of externally entered SQL statements in the keyword parameter of /home/campus/campusjob. An attacker...

ZZCMS SQL注入漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. A security vulnerability exists in ZZCMS 2019 version, which can be exploited by an attacker to perform a SQL injection attack via the id parameter in /admin/dlsendmail.php...

PEEL Shopping CMS SQL注入漏洞

PEEL Shopping CMS is a shopping platform. A SQL injection vulnerability exists in PEEL Shopping CMS version 9.4.0, which stems from a lack of filtering of SQL data in utilisateurs.php. An attacker belonging to the Administrators group can inject malicious SQL queries to affect the application's...

Patient Records Management System SQL注入漏洞

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. Management System is vulnerable to a SQL injection vulnerability that originates in /hprms/admin/rooms/viewroom.php?id=...

CVE-2022-1687

The Logo Slider WordPress plugin through 1.4.8 does not sanitise and escape the lspsliderid parameter before using it in a SQL statement via the Manage Slider Images admin page, leading to an SQL Injection...

CVE-2022-32008

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via eris/admin/vacancy/index.php?view=edit&id=...

Online Ordering System SQL注入漏洞

Online Ordering System is a multi-store ordering system that can be used by any small business. version 1.0 of Online Ordering System is vulnerable to a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements on the admin/vieworders.php page, which...

Rescue Dispatch Management System SQL注入漏洞

Rescue Dispatch Management System is a rescue dispatch management system from Carlo Montero's personal developer. rescue dispatch management system v1.0 is vulnerable to SQL injection, which originates from /rdms/classes/ Master.php?f=deletereport page lacks validation of externally entered SQL...

CVE-2022-29688

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy...

Automotive Shop Management System SQL注入漏洞

Automotive Shop Management System is an automotive shop management system. version 1.0 of Automotive Shop Management System contains a security vulnerability that could be exploited to dump all database credentials and gain administrator access...

CVE-2022-29009

Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication...

OpenMRS SQL注入漏洞

OpenMRS is a medical records system from OpenMRS, Inc. SQL injection vulnerability can be exploited to cause a SQL injection vulnerability via GET requests...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. A SQL...

Pagekit SQL注入漏洞

Pagekit is a modular, lightweight CMS content management system. pagekit has a SQL injection vulnerability, which can be exploited by attackers to execute illegal SQL commands to steal sensitive data from the database...

TuziCMS SQL注入漏洞

TuziCMS Rabbit CMS is a PHP and MySQL-based enterprise content management system CMS. SQL injection vulnerability exists in TuziCMS version 2.0.6, which stems from the fact that AppManageControllerBannerController.class.php lacks validation for external input SQL statements. An attacker could use...

CVE-2022-25223

Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries in 'mtms/admin/?page=transaction/viewdetails' via the 'id' parameter...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.Delta Electronics...