1135 matches found

CNVD
added 2023/08/19 12:0 a.m. · 10 views

Online Travel Agency System article_edit.php File SQL Injection Vulnerability

Online Travel Agency System is an online travel agency system. A SQL injection vulnerability exists in Online Travel Agency System v1.0, which originates from a lack of validation of the articleedit.php parameter pageid against an externally-entered SQL statement. An attacker can exploit this...

CVSS 7.2 · AI score 8.3 · EPSS 0.0107
Exploits: 1 · References: 1

CNVD
added 2023/08/12 12:0 a.m. · 12 views

ScienceLogic SL1 SQL Injection Vulnerability (CNVD-2023-66419)

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

CVSS 8.8 · AI score 8.1 · EPSS 0.00608
Exploits: 0 · References: 1

CNVD
added 2023/08/12 12:0 a.m. · 11 views

ScienceLogic SL1 SQL Injection Vulnerability (CNVD-2023-66415)

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

CVSS 8.8 · AI score 8.2 · EPSS 0.00608
Exploits: 0 · References: 1

CNVD
added 2023/08/12 12:0 a.m. · 17 views

ScienceLogic SL1 SQL Injection Vulnerability (CNVD-2023-66421)

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

CVSS 8.8 · AI score 8.1 · EPSS 0.00608
Exploits: 0 · References: 1

CNVD
added 2023/08/12 12:0 a.m. · 9 views

ScienceLogic SL1 SQL Injection Vulnerability (CNVD-2023-66427)

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

CVSS 8.8 · AI score 8.2 · EPSS 0.00608
Exploits: 0 · References: 1

CNVD
added 2023/08/12 12:0 a.m. · 13 views

NETGEAR DGN3500 Buffer Overflow Vulnerability

The NETGEAR DGN3500 is a wireless router from NETGEAR. The NETGEAR DGN3500 version 1.1.00.37 suffers from a buffer overflow vulnerability, which originates from the httppassword parameter in setup.cgi failing to properly validate the length of the input data, which can be exploited by a remote...

CVSS 6.5 · AI score 7.2 · EPSS 0.00561
Exploits: 0 · References: 1

CNVD
added 2023/08/12 12:0 a.m. · 12 views

ScienceLogic SL1 SQL Injection Vulnerability (CNVD-2023-66416)

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

CVSS 8.8 · AI score 8.2 · EPSS 0.00608
Exploits: 0 · References: 1

CNNVD
added 2023/08/09 12:0 a.m. · 4 views

ScienceLogic SL1 SQL Injection Vulnerability

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

CVSS 8.8 · AI score 8.1 · EPSS 0.00608
Exploits: 0 · References: 2

CNVD
added 2023/08/03 12:0 a.m. · 15 views

Simple Online Mens Salon Management System SQL Injection Vulnerability (CNVD-2023-65139)

Simple Online Mens Salon Management System is an open source men's salon management system. A SQL injection vulnerability exists in Simple Online Mens Salon Management System v1.0, which stems from the id parameter of /admin/?page=user/manageuser &id=3 lacking validation of...

CVSS 9.8 · AI score 8.2 · EPSS 0.00684
Exploits: 1 · References: 1

OSV
added 2023/07/18 12:15 p.m. · 2 views

CVE-2023-3743

Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the productoneimg parameter to retrieve the information stored in the database...

CVSS 7.5 · AI score 5.8 · EPSS 0.0057
Exploits: 0 · References: 1

CNVD
added 2023/07/10 12:0 a.m. · 5 views

ChatEngine SQL Injection Vulnerability

ChatEngine is a Java web application. A SQL injection vulnerability exists in ChatEngine v1.0, which originates from the textMessage parameter of /src/chatbotapp/chatWindow.java that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...

CVSS 7.5 · AI score 7.9 · EPSS 0.00465
Exploits: 0 · References: 1

CNNVD
added 2023/07/06 12:0 a.m. · 2 views

ChatEngine SQL Injection Vulnerability

ChatEngine is a Java web application. A SQL injection vulnerability exists in ChatEngine v1.0, which originates from the textMessage parameter of /src/chatbotapp/chatWindow.java that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...

CVSS 7.5 · AI score 8.2 · EPSS 0.00465
Exploits: 0 · References: 3

Positive Technologies
added 2023/06/26 12:0 a.m. · 2 views

PT-2023-3472 · Ipswitch · Moveit Transfer

Name of the Vulnerable Software and Affected Versions: MOVEit Transfer versions prior to 2020.1.11 12.1.11 MOVEit Transfer versions prior to 2021.0.9 13.0.9 MOVEit Transfer versions prior to 2021.1.7 13.1.7 MOVEit Transfer versions prior to 2022.0.7 14.0.7 MOVEit Transfer versions prior to 2022.1...

CVSS 9 · AI score 9 · EPSS 0.81531
Exploits: 0 · References: 9

OSV
added 2023/06/13 3:15 a.m. · 1 view

CVE-2023-32115

An attacker can exploit MDS COMPARE TOOL and use specially crafted inputs to read and modify database commands, resulting in the retrieval of additional information persisted by the system...

CVSS 6.1 · AI score 5.9 · EPSS 0.00217
Exploits: 0 · References: 2

CNNVD
added 2023/06/01 12:0 a.m. · 3 views

Glitter Unicorn Wallpaper Security Vulnerability

Glitter unicorn wallpaper is a wallpaper application. A security vulnerability exists in Glitter Unicorn Wallpaper versions 7.0 through 8.0, which stems from a vulnerability that allows an unauthorized application to actively request permission to modify data in a database, which could be tampere...

CVSS 9.1 · AI score 8.2 · EPSS 0.00784
Exploits: 1 · References: 3

CNVD
added 2023/05/19 12:0 a.m. · 16 views

Piwigo SQL Injection Vulnerability (CNVD-2023-41503)

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. Piwigo suffers from an SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in t...

CVSS 8.8 · AI score 8.2 · EPSS 0.00902
Exploits: 1 · References: 1

CNVD
added 2023/05/13 12:0 a.m. · 14 views

File Tracker Manager System SQL Injection Vulnerability

File Tracker Manager System is a file tracker manager system. File Tracker Manager System v1.0 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameter newpassword in the file register/updatepassword.php against externally entered SQL statements. A...

CVSS 9.8 · AI score 8.2 · EPSS 0.00726
Exploits: 1 · References: 1

CNVD
added 2023/05/13 12:0 a.m. · 28 views

Lost and Found Information System index.php File SQL Injection Vulnerability

Lost and Found Information System is a lost and found information system. A SQL injection vulnerability exists in Lost and Found Information System v1.0, which originates from the parameter cid in the file items/index.php that lacks validation of externally entered SQL statements. An attacker can...

CVSS 9.8 · AI score 8.1 · EPSS 0.00726
Exploits: 1 · References: 1

CNVD
added 2023/05/05 12:0 a.m. · 4 views

Service Provider Management System SQL Injection Vulnerability (CNVD-2023-38189)

Service Provider Management System is a web-based application by Carlo Montero, an individual developer. It is designed to provide dynamic websites for service provider companies. A SQL injection vulnerability exists in Service Provider Management System version 1.0, which can be exploited by...

CVSS 9.8 · AI score 8 · EPSS 0.0082
Exploits: 1 · References: 1

CNVD
added 2023/05/05 12:0 a.m. · 6 views

Service Provider Management System SQL Injection Vulnerability

Service Provider Management System is a web-based application by Carlo Montero, an individual developer. It is designed to provide dynamic websites for service provider companies. A SQL injection vulnerability exists in Service Provider Management System version 1.0, which is caused by an incorre...

CVSS 9.8 · AI score 8.1 · EPSS 0.00834
Exploits: 1 · References: 1