Oracle Java SE和Oracle GraalVM 安全漏洞

Oracle Java SE and Oracle GraalVM are both products of Oracle Corporation.Oracle Java SE is a product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM is a set of on-the-fly compilers written in the Java language...

Oracle Fusion Middleware 安全漏洞

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle USA. The platform provides middleware, software collections, and other capabilities. A security vulnerability exists in Oracle Fusion Middleware versions...

Oracle Java SE和Oracle GraalVM 安全漏洞

Oracle Java SE and Oracle GraalVM are both products of Oracle Corporation.Oracle Java SE is a product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM is a set of on-the-fly compilers written in the Java language...

Projectworlds Hospital Management System SQL Injection Vulnerability

Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria.Projectworlds Hospital Management System Mini-Project 2018.06.17 and earlier versions contain a SQL injection vulnerability, which can be exploited by attackers to obtain database data...

Simple Cold Storage Management System SQL注入漏洞

Simple Cold Storage Management System is a web-based application used as a cold storage business website to provide their customers or potential customers with an easy-to-access platform to learn about their company. A SQL injection vulnerability exists in Simple Cold Storage Management System...

Food Ordering Management System SQL Injection Vulnerability

Food Ordering Management System is a food ordering management system from Carlo Montero's personal developer. The Food Ordering Management System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements by username, and can be exploited by attackers...

Strapi SQL Injection Vulnerability

Strapi is an open source content management system CMS. versions of Strapi prior to 3.6.10 and 4.0.0 and later, and prior to 4.1.10, contain a SQL injection vulnerability that stems from its incorrect handling of hidden attributes in admin API responses. An attacker could exploit the vulnerabilit...

Advantech iView SQL Injection Vulnerability

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B+B SmartWorx devices. An SQL injection vulnerability exists in Advantech iView version 5.7.04.6469, which stems from a flaw in its ConfigurationServlet endpoint that can be exploited by an attacker t...

EyesOfNetwork SQL Injection Vulnerability

EyesOfNetwork EON is an open source, free IT monitoring solution from the EyesOfNetwork community. The solution provides features such as a business process configuration tool, generating pop-up windows when events occur in the active queue, and more. EyesOfNetwork EON 5.3.11 and prior versions...

Online Tours

Online Tours & Travels Management System is an online travel management system developed by Mayuri K. A SQL injection vulnerability exists in Online Tours & Travels Management System v1.0, which originates from /admin/update The id parameter of traveller.php lacks validation for external input SQ...

Wedding Planner package_detail.php SQL Injection Vulnerability

Wedding Planner is a wedding planner program. Designed to provide users with an easy way to plan their wedding through a web application while using real data. Wedding Planner v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of the id parameter in...

Online Leave Management System SQL Injection Vulnerability

Online Leave Management System is an online leave management system. SQL injection vulnerability exists in Online Leave Management System v1.0, which originates in /leavesystem/classes/Master.php?f=delete application lacks validation of externally entered SQL statements. An attacker could use thi...

Online Leave Management System Master.php?f=delete_leave_type SQL Injection Vulnerability

Online Leave Management System is an online leave management system. SQL injection vulnerability exists in Online Leave Management System v1.0, which originates from /leavesystem/classes/Master.php?f=delete leavetype lacks validation for external input SQL statements. An attacker could use this...

Online Pet Shop We App Master.php?f=delete_order SQL Injection Vulnerability

Online Pet Shop We App is an online pet store web application by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Online Pet Shop We App version 1.0, which originates from a lack of validation of externally entered SQL statements in the...

Rails 代码问题漏洞

Rails is a set of open source web application frameworks based on the Ruby language by the American Rails team. Rails has a security vulnerability that stems from the fact that when serialized columns using YAML the default are deserialized, Rails uses YAML.unsafeload to transform the YAML data...

Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11174)

Ingredients Stock Management System is an ingredient stock management system from Carlo Montero's personal developer. v1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /admin/?page= reports/stockout&month= is missing validation of external...

Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11175)

Ingredients Stock Management System is an ingredient stock management system from Carlo Montero's personal developer. v1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the month parameter of...

Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11176)

Ingredients Stock Management System is an ingredient stock management system from Carlo Montero's personal developer. v1.0 of Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /admin/?page= user/manageuser&id= is missing validation for external input SQ...

CVE-2022-22897

A SQL injection vulnerability in the productalloneimg and imageproduct parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data...

The vulnerability of the TeamPass password manager, related to security configuration errors, allows a hacker to access information from the database.

The vulnerability of the TeamPass password manager is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain information from the database...