915 matches found
CVE-2019-25728 Care2x 2.7 Hospital Information System SQL Injection via ck_config
Care2x 2.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by manipulating the ckconfig cookie parameter. Attackers can inject malicious SQL through the ckconfig cookie in multiple endpoints including login.php, indexframe.php...
ABIS BAPSİS Security Vulnerability
ABIS BAPSİS is a research information system developed by the Turkish company ABIS, aimed at university research projects, academic budgets, and administrative processes management. Previous versions of ABIS BAPSİS, such as v.202604152042, contained security vulnerabilities. These vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2026-35235
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable...
CDAC e-Sushrut Security Vulnerability
CDAC e-Sushrut is a system platform provided by the Indian CDAC company that handles hospital information management and medical process support. There is a security vulnerability in CDAC e-Sushrut. This vulnerability stems from improper authentication logic, which relies on client response...
CVE-2024-46636
NASA Earth Observing System Data and Information System EOSDIS MODAPS v8.1 was discovered to contain a SQL injection vulnerability in the category parameter...
CVE-2024-46636
CVE-2024-46636 affects NASA EOSDIS MODAPS v8.1. The MODAPS web application has a SQL injection in the category parameter caused by improper input validation, enabling exploitation via HTTP GET parameter manipulation to access data and potentially execute arbitrary SQL queries on the backend Postg...
SIMS Path Traversal Vulnerability
SIMS is a student and teacher information management tool developed by RawChen. Versions of SIMS 004f783b1db5ecdfad81c8fdc3b34171211112de and earlier have a path traversal vulnerability. This vulnerability stems from the handling of the filename parameter in the DeleteFileServlet endpoint...
EUVD-2026-24439
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...
EUVD-2026-23266
SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/viewemployee.php...
EUVD-2019-20091
C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the site parameter. Attackers can send GET requests to the usersselect.php endpoint with crafted S...
CVE-2019-25678
C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the site parameter. Attackers can send GET requests to the usersselect.php endpoint with crafted S...
PT-2026-30486
C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the site parameter. Attackers can send GET requests to the users select.php endpoint with crafted...
EUVD-2025-208903
The Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may allow attackers to execute arbitrary code. Vulnerable components include Terrapack TkWebCoreNG:: 1.0.20200914, Terrapack TKServerCGI 2.5.4.150, and Terrapack...
CGM CLININET Security Vulnerability
CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a security vulnerability that stems from the use of direct and continuous object identifiers called MessageID, without proper authorization checks. This vulnerability could allow attacke...
CGM CLININET Access Control Error Vulnerability
CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a vulnerability related to access control, which allows for complete bypass of authentication procedures. This vulnerability may lead to session hijacking and privilege escalation...
CGM CLININET Security Vulnerability
CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a security vulnerability, which stems from the lack of mechanisms to prevent clickjacking attacks. This vulnerability could allow attackers to embed malicious IFRAMES into the applicatio...
CGM CLININET Security Vulnerability
CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a security vulnerability, which stems from a flaw in smart card authentication. Verification can be completed using only the certificate number...
CGM CLININET OS Command Injection Vulnerability
CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a vulnerability related to operating system command injection. This vulnerability arises from insufficient standardization of parameters at multiple endpoints, which may lead to code...
EUVD-2026-4743
QGIS is a free, open source, cross platform geographical information system (GIS). The repository contains a GitHub Actions workflow called "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, was vulnerable to remote code execution and repository compromise because it...