WordPress Download Monitor Plugin SQL Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. The WordPress Download Monitor Plugin has a SQL injection vulnerability in versions prior to 4.4.5, which stems from the use...
Video Sharing Website SQL Injection Vulnerability
Video Sharing Website is a video sharing website. Video Sharing Website is vulnerable to SQL injection in v1.0, which stems from the application's lack of validation of externally entered SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive...
Simple Cold Storage Management System SQL Injection Vulnerability
Simple Cold Storage Management System is a powerful and flexible ERP system that includes all the complex processing functionality required for cold storage. Simple Cold Storage Management System is vulnerable in v1.0 due to a SQL injection vulnerability in the system's view The vulnerability is...
Projectworlds Hospital Management System SQL Injection Vulnerability (CNVD-2022-01378)
Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria. v1.0 of Projectworlds Hospital Management System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
ZZCMS SQL Injection Vulnerability (CNVD-2021-101691)
ZZCMS is a content management system (CMS) from the Zzcms team in China. ZZCMS is vulnerable to SQL injection in 2021, which stems from a lack of validation of external input SQL statements in the askbigclassid parameter of /admin/ask.php in the application. An attacker could use this vulnerability ...
TuziCMS SQL Injection Vulnerability
TuziCMS Rabbit CMS is a PHP and MySQL based enterprise website content management system. A SQL injection vulnerability exists in TuziCMS version v2.0.6, which originates from the id parameter in AppManageControllerAdvertController.class.php, and can be exploited by attackers to vulnerability can b...
Open Solutions For Education openSIS SQL Injection Vulnerability
openSIS is an open source student information management system from Open Solutions for Education. openSIS is vulnerable to a SQL injection vulnerability that originates in /opensis/modules/grades/InputFinalGrades.php due to a lack of validation of external input SQL statements. An...
Sourcecodester Online Learning System SQL Injection Vulnerability
Sourcecodester Online Learning System is an online e-learning system based on PHP and MySQL. Sourcecodester Online Learning System has a SQL injection vulnerability in v2.0, which stems from the application's lack of validation of external input SQL statements. An attacker can use this...
WordPress Post Content XMLRPC plugin SQL injection vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress Post Content XMLRPC plugin, which stems from the plugin'...
PHP Event Calendar Lite Edition is vulnerable to SQL injection
PHP Event Calendar is an open source AJAX-based multi-user modern event calendar. It is easy to integrate and fully customizable. PHP Event Calendar Lite Edition is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to obtain sensitive database data...
YouPHPTube catName parameter SQL injection vulnerability
YouPHPTube is a PHP-based video website system. YouPHPTube is vulnerable to SQL injection in version 10.0 and earlier, which stems from the lack of validation of external input SQL statements for the catName parameter. An attacker could use this vulnerability to execute illegal SQL commands to...
WordPress Mangboard plugin SQL injection vulnerability
WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. WordPress Mangboard plugin has a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in order parameters, and can be used by attackers to...
FUEL CMS SQL Injection Vulnerability (CNVD-2021-74294)
FUEL CMS is a content management system (CMS) based on the CodeIgniter framework. FUEL CMS in version 1.5.0 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameter col in the software's /FUEL/index.php/FUEL/logs/items for externally-inputted SQL...
Simple Water Refilling Station Management System SQL Injection Vulnerability
Simple Water Refilling Station Management System is a simple water refilling station management system. A SQL injection vulnerability exists in the v1.0 version of Simple Water Refilling Station Management System, which originates from the application WaterRefilling/classes/Login.php, the userna...
EARCLINK ESPCMS SQL Injection Vulnerability
Honghu Erchuang Netlink Information Technology EARCLINK ESPCMS is an enterprise website building system from China's Honghu Erchuang Netlink Information Technology Company. A SQL injection vulnerability exists in the espcmsweb/Search.php component of EARCLINK ESPCMS-P8, which can be exploited by...
CVE-2020-23149
The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information...
CVE-2020-23150
A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php...
jeecg SQL Injection Vulnerability
Jeecg-Boot is a code generator-based intelligent development platform. Jeecg-Boot CMS version 2.3 of /jeecg boot/sys/dict/loadtreedata is vulnerable to SQL injection, which can be exploited by attackers to access sensitive database information...
CVE-2020-22174
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\book-appointment.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information...
CVE-2020-22169
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information...