1385 matches found

ATTACKERKB
added 2022/09/19 4:15 p.m. · 2 views

CVE-2022-37203

JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection...

CVSS 9.8 · AI score 7.4 · EPSS 0.01176
Exploits: 1 · References: 3

ATTACKERKB
added 2022/09/12 11:15 p.m. · 2 views

CVE-2022-38304

Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manageleavetype.php...

CVSS 7.2 · AI score 5.8 · EPSS 0.0083
Exploits: 1 · References: 2

OSV
added 2022/09/09 7:15 p.m. · 4 views

CVE-2021-44835

An issue was discovered in Active Intelligent Visualization 5. The Vdc header is used in a SQL query without being sanitized. This causes SQL injection...

CVSS 9.8 · AI score 5.8 · EPSS 0.00938
Exploits: 1 · References: 2

ATTACKERKB
added 2022/08/30 9:15 p.m. · 5 views

CVE-2022-36732

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /librarian/dele.php...

CVSS 9.8 · AI score 5.9 · EPSS 0.0076
Exploits: 1 · References: 2

OSV
added 2022/08/25 10:15 p.m. · 5 views

CVE-2022-36696

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletestockout...

CVSS 9.8 · AI score 5.8 · EPSS 0.00906
Exploits: 1 · References: 1

Positive Technologies
added 2022/08/22 12:0 a.m. · 4 views

PT-2022-21709 · Wwbn · Avideo

Name of the Vulnerable Software and Affected Versions: WWBN AVideo versions 11.6 Description: A SQL injection issue exists in the ObjectYPT functionality, allowing an attacker to inject SQL by manipulating the videoDownloadedLink or duration parameter in the aVideoEncoder functionality, which can...

CVSS 8.8 · AI score 8.5 · EPSS 0.01636
Exploits: 0 · References: 5

CNNVD
added 2022/08/04 12:0 a.m. · 3 views

Online Admission System SQL Injection Vulnerability

Online Admission System is an online admission system by the individual developer RASHMI KUMARI. The Online Admission System suffers from a SQL injection vulnerability that stems from an unknown function in its GET parameter handling component that operates on the parameter eid, which could lead ...

CVSS 9.8 · AI score 8.4 · EPSS 0.0069
Exploits: 1 · References: 3

ATTACKERKB
added 2022/07/25 12:15 p.m. · 1 views

CVE-2022-29709

CommuniLink Internet Limited CLink Office v2.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters...

CVSS 7.5 · AI score 5.9 · EPSS 0.01184
Exploits: 1 · References: 4

GithubExploit
added 2022/07/13 2:7 p.m. · 8 views

Exploit for Expression Language Injection in Vmware Spring_Data_Mongodb

Springcve-2022-22980 spring data mongodb remote code executio...

CVSS 9.8 · AI score 9 · EPSS 0.16903
Exploits: 3

OSV
added 2022/06/29 7:15 p.m. · 2 views

CVE-2022-33060

Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deleteschedule...

CVSS 7.2 · AI score 5.8 · EPSS 0.00888
Exploits: 1 · References: 1

OSV
added 2022/06/28 1:15 p.m. · 1 views

UBUNTU-CVE-2021-41689

DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack...

CVSS 7.5 · AI score 7 · EPSS 0.01688
Exploits: 0 · References: 7

OSV
added 2022/06/24 2:15 a.m. · 3 views

CVE-2022-32405

Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/prisons/viewprison.php:4...

CVSS 8.8 · AI score 5.8 · EPSS 0.01171
Exploits: 1 · References: 2

ATTACKERKB
added 2022/06/24 2:15 a.m. · 1 views

CVE-2022-32401

Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manageprivilege.php:4...

CVSS 8.8 · AI score 5.8 · EPSS 0.01171
Exploits: 1 · References: 3

CNNVD
added 2022/06/23 12:0 a.m. · 3 views

74cms SQL Injection Vulnerability

74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from the lack of validation of external input SQL statements in the /freelance/resumelist keyword parameter. An attacker could use this vulnerability to execute...

CVSS 7.5 · AI score 6.1 · EPSS 0.00901
Exploits: 1 · References: 2

CNNVD
added 2022/06/23 12:0 a.m. · 4 views

74cms SQL Injection Vulnerability

74cms is an online recruitment system based on PHP and MySQL by China Xunyi Technology Company. A SQL injection vulnerability exists in 74cmsSE v3.5.1, which originates from the lack of validation of externally entered SQL statements in the keyword parameter of /home/campus/campusjob. An attacker...

CVSS 7.5 · AI score 6.1 · EPSS 0.00901
Exploits: 1 · References: 2

OSV
added 2022/06/17 1:15 p.m. · 4 views

CVE-2022-31296

Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/viewpost.php...

CVSS 9.8 · AI score 5.8 · EPSS 0.02318
Exploits: 1 · References: 2

CNNVD
added 2022/06/17 12:0 a.m. · 3 views

ZZCMS SQL Injection Vulnerability

ZZCMS is a content management system CMS by the ZZCMS team in China. A security vulnerability exists in ZZCMS 2019 version, which can be exploited by an attacker to perform a SQL injection attack via the id parameter in /admin/dlsendmail.php...

CVSS 7.2 · AI score 5.9 · EPSS 0.00875
Exploits: 1 · References: 2

CNNVD
added 2022/06/15 12:0 a.m. · 3 views

YouDianCMS SQL Injection Vulnerability

YouDianCMS is a website CMS. YoudianCMS version v9.5.0 suffers from a SQL injection vulnerability, which originates from the id parameter at /App/Lib/Action/Admin/SiteAction.class.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...

CVSS 8.8 · AI score 6.1 · EPSS 0.00996
Exploits: 1 · References: 2

CNNVD
added 2022/06/15 12:0 a.m. · 5 views

PEEL Shopping CMS SQL Injection Vulnerability

PEEL Shopping CMS is a shopping platform. A SQL injection vulnerability exists in PEEL Shopping CMS version 9.4.0, which stems from a lack of filtering of SQL data in utilisateurs.php. An attacker belonging to the Administrators group can inject malicious SQL queries to affect the application's...

CVSS 6.5 · AI score 6 · EPSS 0.01357
Exploits: 1 · References: 3

CNNVD
added 2022/06/14 12:0 a.m. · 3 views

Patient Records Management System SQL Injection Vulnerability

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. Management System is vulnerable to a SQL injection vulnerability that originates in /hprms/admin/rooms/viewroom.php?id=...

CVSS 7.2 · AI score 6 · EPSS 0.00723
Exploits: 0 · References: 2