CVE-2023-22324

SQL injection vulnerability in the CONPROSYS HMI System CHS Ver.3.5.0 and earlier allows a remote authenticated attacker to execute an arbitrary SQL command. As a result, information stored in the database may be obtained...

CVE-2022-40839

A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data...

CampCodes Sales and Inventory System /pages/purchase_add.php File SQL Injection Vulnerability

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. The CampCodes Sales and Inventory System suffers from a SQL injection vulnerability that stems from a lack of validation of the parameter ID in the file /pages/purchaseadd.php for externally entered SQL...

CampCodes Sales and Inventory System /pages/ci_update.php File SQL Injection Vulnerability

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. The CampCodes Sales and Inventory System suffers from a SQL injection vulnerability that stems from a lack of validation of an externally entered SQL statement in the parameter Name in the file...

Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-30999)

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. The Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the fromdate/todate parameter of file...

CampCodes Online Shopping Portal 注入漏洞

CampCodes Online Shopping Portal is an online shopping portal from CampCodes, Inc. Campcodes Online Shopping Portal suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter email in the file /forgot-password.php. An...

PHPGurukul e-Diary Management System 注入漏洞

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /manage-notes.php. An attacker can...

WordPress Shuffle plugin SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Shuffle plugin suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements. An attacker can exploit this...

Modern Bag login.php File SQL Injection Vulnerability

Modern Bag is an online management system. Modern Bag suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameters userEmail/userPassword in the /login.php file. An attacker can exploit this vulnerability to execute...

Apartment Visitors Management System mobilenumber parameter SQL Injection Vulnerability

Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter mobilenumber of file /admin-profile.php...

Mingyuan Cloud Real Estate ERP System 注入漏洞

Mingyuan Cloud Real Estate ERP System is a real estate business management software from China-based Mingyuan Cloud. An injection vulnerability exists in Mingyuan Cloud Real Estate ERP System version 1.0, which originates from SQL injection and could allow a remote attacker to obtain, update, and...

WordPress Hero Mega Menu plugin SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

PHPGurukul Apartment Visitors Management System 注入漏洞

Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the editid parameter of file /visitor-detail.php. An...

PHPGurukul Online Shopping Portal 注入漏洞

Online Shopping Portal is an online store. Online Shopping Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the product-details.php file. An attacker can exploit this vulnerability to execute illegal SQL commands to ste...

Mattermost SQL Injection Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a SQL injection vulnerability that stems from the use of uncompiled statements, which can be exploited by an attacker to retrieve database data via a specially designed sorting...

WordPress plugin Legoeso PDF Manager SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

Quanxun School Affairs System 安全漏洞

Quanxun School Affairs System is a school affairs system from Quanxun. A security vulnerability exists in Quanxun School Affairs System. An attacker can exploit the vulnerability to view specific pages and obtain database information as well as plaintext administrator credentials...

Student Grading System SQL Injection Vulnerability (CNVD-2025-03172)

Student Grading System is a student grading system. A SQL injection vulnerability exists in Student Grading System version 1.0, which stems from a lack of validation of externally entered SQL statements in the parameter id of the file /viewstudents.php. An attacker can exploit this vulnerability ...

WordPress Plugin WPMU Prefill Post SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists in WordPress plugin WPMU Prefill Post version 1.02 and earlier...

Smarts Smart Agent interface.php Page SQL Injection Vulnerability

Smarts Smart Agent is a powerful, flexible and scalable tool from Smarts for monitoring wireless network performance and services from the end user's perspective. An SQL injection vulnerability exists in Smarts Smart Agent v1.1.0, which stems from a lack of validation of externally entered SQL...