
1135 matches found

CNVD
added 2024/01/11 12:0 a.m. · 10 views

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13470)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by a lack of validation of the itemname parameter of the itemlistsubmit.php file against externally-entered SQL...

6.5 CVSS · 8 AI score · 0.00577 EPSS
Exploits 1 · References 1

CNVD
added 2024/01/11 12:0 a.m. · 4 views

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13469)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in version 1.0 of the Kashipara Food Management System, which stems from a lack of validation of externally entered SQL statements in the parameter id of the itemlistedit.php file,...

6.5 CVSS · 7.9 AI score · 0.00565 EPSS
Exploits 1 · References 1

CNVD
added 2024/01/11 12:0 a.m. · 3 views

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13467)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by the lack of validation of the itemname parameter of the billAjax.php file against external SQL input, and can be...

6.5 CVSS · 8 AI score · 0.00526 EPSS
Exploits 1 · References 1

CNVD
added 2024/01/11 12:0 a.m. · 4 views

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13466)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in version 1.0 of the Kashipara Food Management System, which is caused by a lack of validation of the itemname parameter of the addwasteentry.php file against externally-entered SQL...

6.5 CVSS · 8 AI score · 0.00589 EPSS
Exploits 1 · References 1

CNVD
added 2024/01/11 12:0 a.m. · 9 views

Kashipara Food Management System SQL Injection Vulnerability

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which originates from a lack of validation of externally entered SQL statements in the id parameter of the addmaterialedit.php file, a...

6.5 CVSS · 8 AI score · 0.00565 EPSS
Exploits 1 · References 1

CNVD
added 2024/01/11 12:0 a.m. · 8 views

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13479)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which originates from the lack of validation of the rawstockuseddamagingsubmit.php parameter productname against externally-entered SQ...

9.8 CVSS · 7.9 AI score · 0.00697 EPSS
Exploits 1 · References 1

CNNVD
added 2024/01/07 12:0 a.m. · 3 views

Kashipara Food Management System SQL Injection Vulnerability

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in version 1.0 of the Kashipara Food Management System, which is caused by a lack of validation of the productname parameter of the rawstockuseddamagingsmt.php file against...

6.5 CVSS · 8.2 AI score · 0.00526 EPSS
Exploits 1 · References 4

Positive Technologies
added 2023/12/21 12:0 a.m. · 3 views

PT-2023-32850 · Devolutions · Devolutions Remote Desktop Manager

Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2023.3.31 and earlier
Description: The issue is related to inadequate validation of permissions when using remote tools and macros via the context menu. This allows a user to initiate a connection...

4.4 CVSS · 7.8 AI score · 0.00165 EPSS
Exploits 0 · References 6

CNVD
added 2023/12/19 12:0 a.m. · 5 views

Apache StreamPark SQL Injection Vulnerability (CNVD-2024-0217486)

Apache StreamPark is a streaming media application development framework from the Apache Foundation in the United States. Apache StreamPark suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit...

4.9 CVSS · 7.7 AI score · 0.00852 EPSS
Exploits 0 · References 1

CNVD
added 2023/12/18 12:0 a.m. · 4 views

EmpireCMS SQL Injection Vulnerability (CNVD-2024-4321448)

EmpireCMS (Empire Content Management System) is an open source content management system (CMS). A SQL injection vulnerability exists in EmpireCMS v7.5. The vulnerability stems from the lack of validation of the ftppassword parameter in SetEnews.php for external input SQL statements, which can be...

9.8 CVSS · 8 AI score · 0.00628 EPSS
Exploits 1 · References 1

Positive Technologies
added 2023/12/14 12:0 a.m. · 3 views

PT-2023-7878 · Unknown · Itpison Omicard Edm

Name of the Vulnerable Software and Affected Versions: ITPison OMICARD EDM affected versions not specified
Description: The SMS-related function in ITPison OMICARD EDM has insufficient validation for user input, allowing an unauthenticated remote attacker to inject arbitrary SQL commands. This ca...

9.8 CVSS · 9.7 AI score · 0.01062 EPSS
Exploits 0 · References 7

NVD
added 2023/12/12 1:15 a.m. · 10 views

CVE-2023-36652

A SQL Injection in the users searching REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to read database data via SQL commands injected in the search parameter...

4.3 CVSS · 0.00598 EPSS
Exploits 1 · References 1

Prion
added 2023/12/12 1:15 a.m. · 13 views

SQL injection

A SQL Injection in the users searching REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to read database data via SQL commands injected in the search parameter...

4 CVSS · 8.2 AI score · 0.00598 EPSS
Exploits 1 · References 1 · Affected Software 1

Vulnrichment
added 2023/12/12 12:0 a.m. · 5 views

CVE-2023-36652

A SQL Injection in the users searching REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to read database data via SQL commands injected in the search parameter...

7.9 AI score · 0.00598 EPSS
Exploits 1 · References 1

Cvelist
added 2023/12/12 12:0 a.m. · 16 views

CVE-2023-36652

A SQL Injection in the users searching REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to read database data via SQL commands injected in the search parameter...

5.5 AI score · 0.00598 EPSS
Exploits 1 · References 1

CNVD
added 2023/12/11 12:0 a.m. · 4 views

osCommerce SQL Injection Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNU GPL license. An SQL injection vulnerability exists in osCommerce, which originates from the lack of validation of the parameter estimatecountryid in the file /b2b-supermarket/shopping-cart against externally entered...

9.8 CVSS · 7.9 AI score · 0.23846 EPSS
Exploits 3 · References 1

CNVD
added 2023/11/06 12:0 a.m. · 6 views

Visitor Management System SQL Injection Vulnerability

Visitor Management System is a visitor management system. A SQL injection vulnerability exists in Visitor Management System v1.0, which originates from the parameter id of manageuser.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to...

9.8 CVSS · 7.9 AI score · 0.00693 EPSS
Exploits 1 · References 1

CNNVD
added 2023/10/17 12:0 a.m. · 3 views

D-Link DAR-7000 SQL Injection Vulnerability

D-Link DAR-7000 is an Internet Behavior Audit Gateway from China AUO D-Link. A SQL injection vulnerability exists in the D-Link DAR-7000 mailrecvview.php file, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

9.8 CVSS · 8.3 AI score · 0.00687 EPSS
Exploits 1 · References 2

CNVD
added 2023/10/07 12:0 a.m. · 11 views

Access Control Error Vulnerability in Cisco DNA Center API

Cisco DNA Center is a network management and command center service from Cisco USA. An access control error vulnerability exists in the Cisco DNA Center API, which can be exploited by a remote attacker to submit a special request that can read and modify database data and elevate privileges...

8.6 CVSS · 8.2 AI score · 0.00483 EPSS
Exploits 0 · References 1

OSV
added 2023/08/22 7:16 p.m. · 1 views

CVE-2023-23563

An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to obtain sensitive database content via SQL Injection...

6.5 CVSS · 5.9 AI score · 0.0091 EPSS
Exploits 1 · References 3