Lucene search
+L

84 matches found

cnvd
cnvd
added 2024/01/11 12:0 a.m.8 views

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13473)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in version 1.0 of the Kashipara Food Management System, which is caused by a lack of validation of externally entered SQL statements in the password parameter of the loginCheck.php...

6.5CVSS8.2AI score0.00526EPSS
Exploits1References1
cnnvd
cnnvd
added 2024/01/07 12:0 a.m.5 views

Kashipara Food Management System SQL注入漏洞

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in version 1.0 of the Kashipara Food Management System, which is caused by a lack of validation of the productname parameter of the rawstockuseddamagingsmt.php file against...

6.5CVSS8.2AI score0.00526EPSS
Exploits1References4
cnvd
cnvd
added 2023/12/18 12:0 a.m.4 views

EmpireCMS SQL Injection Vulnerability (CNVD-2024-4321448)

EmpireCMS Empire Content Management System is an open source content management system CMS. SQL injection vulnerability exists in EmpireCMS v7.5, the vulnerability stems from the lack of validation of the ftppassword parameter in SetEnews.php for external input SQL statements, which can be...

9.8CVSS8AI score0.00628EPSS
Exploits1References1
cnvd
cnvd
added 2023/12/11 12:0 a.m.4 views

osCommerce SQL Injection Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. An SQL injection vulnerability exists in osCommerce, which originates from the lack of validation of the parameter estimatecountryid in the file /b2b-supermarket/shopping-cart against externally entered...

9.8CVSS7.9AI score0.23846EPSS
Exploits3References1
cnnvd
cnnvd
added 2023/10/17 12:0 a.m.4 views

D-Link DAR-7000 SQL注入漏洞

D-Link DAR-7000 is an Internet Behavior Audit Gateway from China AUO D-Link. A SQL injection vulnerability exists in the D-Link DAR-7000 mailrecvview.php file, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

9.8CVSS8.3AI score0.00687EPSS
Exploits1References2
cnnvd
cnnvd
added 2023/08/09 12:0 a.m.7 views

ScienceLogic SL1 SQL注入漏洞

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

8.8CVSS8.1AI score0.00608EPSS
Exploits0References2
cnnvd
cnnvd
added 2023/07/06 12:0 a.m.4 views

ChatEngine SQL注入漏洞

ChatEngine is a Java web application . A SQL injection vulnerability exists in ChatEngine v1.0, which originates from the textMessage parameter of /src/chatbotapp/chatWindow.java that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...

7.5CVSS8.2AI score0.00556EPSS
Exploits0References3
cnvd
cnvd
added 2023/04/24 12:0 a.m.9 views

Yoga Class Registration System SQL Injection Vulnerability

Yoga Class Registration System is a yoga class registration system. A SQL injection vulnerability exists in Yoga Class Registration System v1.0, which originates from the lack of validation of the cid parameter in /admin/login.php against external SQL input. An attacker can exploit this...

7.5CVSS7.9AI score0.00672EPSS
Exploits1References1
cnnvd
cnnvd
added 2023/04/08 12:0 a.m.4 views

Online Computer and Laptop Store SQL注入漏洞

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter category of...

8.8CVSS7.9AI score0.00717EPSS
Exploits1References4
cnnvd
cnnvd
added 2022/10/06 12:0 a.m.4 views

Simple Cold Storage Management System SQL注入漏洞

Simple Cold Storage Management System is a web-based application used as a cold storage business website to provide their customers or potential customers with an easy-to-access platform to learn about their company. A SQL injection vulnerability exists in Simple Cold Storage Management System...

7.2CVSS8.1AI score0.00837EPSS
Exploits1References2
cnnvd
cnnvd
added 2022/07/05 12:0 a.m.5 views

Stock Management System SQL注入漏洞

Stock Management System is an inventory management system. A SQL injection vulnerability exists in Stock Management System v1.0, which originates from a lack of validation of the id parameter in /isms/admin/stocks/viewstock.php against an externally entered SQL statement. An attacker can exploit...

9.8CVSS6.1AI score0.01424EPSS
Exploits1References2
cnnvd
cnnvd
added 2022/06/17 12:0 a.m.3 views

Online Ordering System SQL注入漏洞

Online Ordering System is a multi-store ordering system that can be used by any small business.Online Ordering System version v2.3.2 is vulnerable to SQL injection, which originates from /ordering/index.php?q=category&search=Lack of validation of external input SQL statement validation, an attack...

9.8CVSS6AI score0.01026EPSS
Exploits1References2
cnvd
cnvd
added 2022/06/09 12:0 a.m.46 views

Online Ordering System SQL Injection Vulnerability (CNVD-2022-55720)

Online Ordering System is a multi-store ordering system that can be used by any small business.An SQL injection vulnerability exists in Online Ordering System version 2.3.2, which originates from /ordering/admin/category/index.php?view=edit&id = The page lacks validation of externally entered SQL...

9.8CVSS4.5AI score0.01067EPSS
Exploits1References1
cnvd
cnvd
added 2022/06/09 12:0 a.m.14 views

Badminton Center Management System SQL注入漏洞(CNVD-2022-44733)

Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. Badminton Center Management System v1.0 provides an online and automated platform for badminton centers to manage their daily transactions and records. An SQL injection vulnerabilit...

9.8CVSS4AI score0.01068EPSS
Exploits1References1
cnnvd
cnnvd
added 2022/06/02 12:0 a.m.4 views

BrowsBox CMS SQL注入漏洞

BrowsBox CMS is a content management system from BrowsBox Belgium. v4.0 of BrowsBox CMS is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

9.8CVSS6AI score0.01136EPSS
Exploits1References3
cnnvd
cnnvd
added 2022/06/02 12:0 a.m.6 views

ChatBot App with Suggestion SQL注入漏洞

ChatBot App with Suggestion is a ChatBot application with suggestion by Carlo Montero's personal developer. v1.0 of ChatBot App with Suggestion is vulnerable to SQL injection, which originates from /simplechatbot/ admin/?page=user/manageuser&id=The page lacks validation for external input SQL...

9.8CVSS5.9AI score0.01081EPSS
Exploits1References2
cnvd
cnvd
added 2022/05/17 12:0 a.m.27 views

Air Cargo Management System SQL Injection Vulnerability (CNVD-2022-58095)

Air Cargo Management System is an air cargo management system. version 1.0 of Air Cargo Management System is vulnerable to SQL injection, which originates from /acms/classes/Master.php?f=deletecargo missing filtering and An attacker can use this vulnerability to execute illegal SQL commands to...

7.2CVSS5.4AI score0.00929EPSS
Exploits1References1
cnvd
cnvd
added 2022/04/24 12:0 a.m.34 views

Sourcecodester Baby Care System SQL注入漏洞(CNVD-2022-35520)

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin/uesrs.php & action=type & userrole=User & userid= in the userid parameter missing validation of...

9.8CVSS3.1AI score0.0122EPSS
Exploits1References1
cnnvd
cnnvd
added 2022/04/21 12:0 a.m.6 views

Sourcecodester Baby Care System SQL注入漏洞

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin.php?id=siteoptions&social=display&value=0&sid=midsid parameter missing validation of external...

9.8CVSS6.1AI score0.0122EPSS
Exploits1References2
cnnvd
cnnvd
added 2022/04/21 12:0 a.m.6 views

Sourcecodester Baby Care System SQL注入漏洞

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability, which originates from /admin.php?id=siteoptions&social=edit&sid=insid parameter missing validation of external input...

9.8CVSS6.2AI score0.00899EPSS
Exploits0References2
Rows per page
Query Builder