235 matches found
Exploit for SQL Injection in Escanav Escan_Management_Console
eScan Management Console 14.0.1400.2281 - SQL Injection Auth...
CVE-2023-31702
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1...
PT-2023-23422 · Microworld · Microworld Escan Management Console
Name of the Vulnerable Software and Affected Versions: MicroWorld eScan Management Console version 14.0.1400.2281 Description: The issue allows a remote attacker to perform SQL injection in the View User Profile feature, enabling them to dump the entire database and gain a Windows XP command shel...
MicroWorld eScan Management Console SQL注入漏洞
MicroWorld eScan Management Console is a control panel from MicroWorld Japan. It helps system administrators remotely manage all eScan client computers on a network. A security vulnerability exists in MicroWorld eScan Management Console version 14.0.1400.2281, which stems from the presence of SQL...
Companymaps 8.0 SQL Injection
Exploit Title: Unauthenticated SQL injection - Google Dork: - Date: 27.04.2023 - Exploit Author: Lucas Noki 0xPrototype - Vendor Homepage: https://github.com/vogtmh - Software Link: https://github.com/vogtmh/cmaps - Version: 8.0 - Tested on: Mac, Windows, Linux - CVE : CVE-2023-29809 Description:...
Yoga Class Registration System v1.0 - Multiple SQLi
Exploit Title: Yoga Class Registration System v1.0 - Multiple SQLi Date: 19/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html Software...
Online Pizza Ordering System 1.0 SQL Injection
Exploit Title: Online Pizza Ordering System 1.0 - "id" SQLi Date: 19/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Software Download:...
Exploit for SQL Injection in Reputeinfosystems Bookingpress
CVE-2022-0739 My take on CVE-2022-0739 BookingPress exploit,...
CVE-2022-42923
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'id' parameter in the 'appCore/index.php?r=adm/mediagallery/delete'...
CVE-2022-41680
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'searchvalue parameter in the...
CVE-2022-41680
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'searchvalue parameter in the...
CVE-2022-42924
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'dynfilter' parameter in the...
CVE-2022-42924
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'dynfilter' parameter in the...
CVE-2022-42923
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'id' parameter in the 'appCore/index.php?r=adm/mediagallery/delete'...
Sql injection
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'id' parameter in the 'appCore/index.php?r=adm/mediagallery/delete'...
Sql injection
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'searchvalue parameter in the...
Sql injection
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'dynfilter' parameter in the...
CVE-2022-42924 SQL injection in Forma LMS
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'dynfilter' parameter in the...
CVE-2022-41680 SQL Injection in Forma LMS
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'searchvalue parameter in the...
CVE-2022-41680
Forma LMS (versions 3.1.0 and earlier) is affected by a SQL injection in the search[value] parameter of appLms/ajax.server.php?r=mycertificate/getMyCertificates. An authenticated attacker with the role of student could exploit this to dump the entire database. The vulnerability is documented acro...