WordPress Brands for WooCommerce Plugin SQL Injection Vulnerability

WordPress Brands for WooCommerce Plugin is a category of plugins for WordPress websites that specialize in helping WooCommerce online stores manage product brands. WordPress Brands for WooCommerce Plugin suffers from a SQL injection vulnerability that stems from the application's lack of validati...

Advantech iView SQL Injection Vulnerability (CNVD-2025-31061)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter...

QNAP Qsync Central SQL Injection Vulnerability

QNAP Qsync Central is a private cloud synchronization service launched by Weilian QNAP, which is mainly used to achieve real-time synchronization and backup of files between devices, with functions similar to GoogleDrive, Dropbox and other cloud storage services, but with the data stored in the...

Beauty Parlour Management System manage-services.php File SQL Injection Vulnerability

Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter delid in the file /admin/manage-services.php. An attacker can...

Wazifa System updatesettings.php file SQL injection vulnerability

Wazifa System is a content management system. Wazifa System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Password in the file /controllers/updatesettings.php. An attacker can use this vulnerability to...

Local Services Search Engine Management System SQL Injection Vulnerability

Local Services Search Engine Management System is a local services search engine management system. Local Services Search Engine Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of the editid parameter in the file...

PHPGurukul Small CRM 注入漏洞

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter aremark in the file /admin/manage-tickets.php. An attacker can exploit this vulnerability ...

RuvarOA PageID Parameter SQL Injection Vulnerability

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of external SQL statements in the PageID parameter of the /WebUtility/getfindcondiction.aspx file. An attacker can exploit this...

PHPGurukul Small CRM 安全漏洞

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the Users login panel. No details of the vulnerability are available at this time...

Web-Based Student Clearance System SQL注入漏洞

Web-Based Student Clearance System is a web-based student clearance system. A SQL injection vulnerability exists in Web-Based Student Clearance System version 1.0, which originates from the lack of validation of externally entered SQL statements in the parameter Student in /libsystem/login.php. A...

Badminton Center Management System SQL注入漏洞（CNVD-2022-44725）

Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. It provides an online and automated platform for badminton centers to manage their daily transactions and records. Badminton Center Management System v1.0 version has a SQL injectio...

J2eeFAST SQL注入漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free backend framework platform . J2eeFAST 2.2.1 suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL...

WordPress Give SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Give is one of the fundraising platform plugins used in it. A SQL injection vulnerability exists in WordPress Give. The vulnerability...