84 matches found
Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13473)
Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in version 1.0 of the Kashipara Food Management System, which is caused by a lack of validation of externally entered SQL statements in the password parameter of the loginCheck.php...
Kashipara Food Management System SQL注入漏洞
Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in version 1.0 of the Kashipara Food Management System, which is caused by a lack of validation of the productname parameter of the rawstockuseddamagingsmt.php file against...
EmpireCMS SQL Injection Vulnerability (CNVD-2024-4321448)
EmpireCMS Empire Content Management System is an open source content management system CMS. SQL injection vulnerability exists in EmpireCMS v7.5, the vulnerability stems from the lack of validation of the ftppassword parameter in SetEnews.php for external input SQL statements, which can be...
osCommerce SQL Injection Vulnerability
osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. An SQL injection vulnerability exists in osCommerce, which originates from the lack of validation of the parameter estimatecountryid in the file /b2b-supermarket/shopping-cart against externally entered...
D-Link DAR-7000 SQL注入漏洞
D-Link DAR-7000 is an Internet Behavior Audit Gateway from China AUO D-Link. A SQL injection vulnerability exists in the D-Link DAR-7000 mailrecvview.php file, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
ScienceLogic SL1 SQL注入漏洞
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...
ChatEngine SQL注入漏洞
ChatEngine is a Java web application . A SQL injection vulnerability exists in ChatEngine v1.0, which originates from the textMessage parameter of /src/chatbotapp/chatWindow.java that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...
Yoga Class Registration System SQL Injection Vulnerability
Yoga Class Registration System is a yoga class registration system. A SQL injection vulnerability exists in Yoga Class Registration System v1.0, which originates from the lack of validation of the cid parameter in /admin/login.php against external SQL input. An attacker can exploit this...
Online Computer and Laptop Store SQL注入漏洞
Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter category of...
Simple Cold Storage Management System SQL注入漏洞
Simple Cold Storage Management System is a web-based application used as a cold storage business website to provide their customers or potential customers with an easy-to-access platform to learn about their company. A SQL injection vulnerability exists in Simple Cold Storage Management System...
Stock Management System SQL注入漏洞
Stock Management System is an inventory management system. A SQL injection vulnerability exists in Stock Management System v1.0, which originates from a lack of validation of the id parameter in /isms/admin/stocks/viewstock.php against an externally entered SQL statement. An attacker can exploit...
Online Ordering System SQL注入漏洞
Online Ordering System is a multi-store ordering system that can be used by any small business.Online Ordering System version v2.3.2 is vulnerable to SQL injection, which originates from /ordering/index.php?q=category&search=Lack of validation of external input SQL statement validation, an attack...
Online Ordering System SQL Injection Vulnerability (CNVD-2022-55720)
Online Ordering System is a multi-store ordering system that can be used by any small business.An SQL injection vulnerability exists in Online Ordering System version 2.3.2, which originates from /ordering/admin/category/index.php?view=edit&id = The page lacks validation of externally entered SQL...
Badminton Center Management System SQL注入漏洞(CNVD-2022-44733)
Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. Badminton Center Management System v1.0 provides an online and automated platform for badminton centers to manage their daily transactions and records. An SQL injection vulnerabilit...
BrowsBox CMS SQL注入漏洞
BrowsBox CMS is a content management system from BrowsBox Belgium. v4.0 of BrowsBox CMS is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
ChatBot App with Suggestion SQL注入漏洞
ChatBot App with Suggestion is a ChatBot application with suggestion by Carlo Montero's personal developer. v1.0 of ChatBot App with Suggestion is vulnerable to SQL injection, which originates from /simplechatbot/ admin/?page=user/manageuser&id=The page lacks validation for external input SQL...
Air Cargo Management System SQL Injection Vulnerability (CNVD-2022-58095)
Air Cargo Management System is an air cargo management system. version 1.0 of Air Cargo Management System is vulnerable to SQL injection, which originates from /acms/classes/Master.php?f=deletecargo missing filtering and An attacker can use this vulnerability to execute illegal SQL commands to...
Sourcecodester Baby Care System SQL注入漏洞(CNVD-2022-35520)
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin/uesrs.php & action=type & userrole=User & userid= in the userid parameter missing validation of...
Sourcecodester Baby Care System SQL注入漏洞
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin.php?id=siteoptions&social=display&value=0&sid=midsid parameter missing validation of external...
Sourcecodester Baby Care System SQL注入漏洞
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability, which originates from /admin.php?id=siteoptions&social=edit&sid=insid parameter missing validation of external input...