864 matches found
Sql injection
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nomineeid=...
Sql injection
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agentid=...
Sql injection
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?clientid=...
CVE-2022-29998
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?clientid=...
CVE-2022-29998
Insurance Management System 1.0 is vulnerable to SQL Injection via the endpoint /insurance/clientStatus.php with the vulnerable parameter client_id . The root cause is improper handling of the input, allowing attacker-controlled queries to manipulate the database. The PT-2022-19957 advisory notes...
CVE-2022-29999
The CVE-2022-29999 entry concerns Insurance Management System 1.0, which is vulnerable to SQL Injection through the /insurance/editClient.php?client_id= endpoint. The vulnerability is triggered by the client_id parameter, enabling potential unauthorized access to or leakage of data. Reported by m...
CVE-2022-29999
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?clientid=...
CVE-2022-30000
CVE-2022-30000 affects Insurance Management System 1.0. A SQL injection flaw exists in the /insurance/editPayment.php endpoint, via the recipt_no parameter, allowing manipulation of database queries. Root cause is improper input handling for this parameter. Exploitation details are not provided i...
CVE-2022-30000
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?reciptno=...
CVE-2022-30001
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agentid=...
CVE-2022-30001
CVE-2022-30001 maps to a SQL Injection vulnerability in Insurance Management System 1.0, exploitable through the /insurance/editAgent.php?agent_id= endpoint where the agent_id parameter can be manipulated to inject SQL. The vulnerability is confirmed across multiple sources; the PT-2022-19961 adv...
CVE-2022-30002
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nomineeid=...
CVE-2022-30002
CVE-2022-30002 affects Insurance Management System 1.0 with a SQL Injection vulnerability in the endpoint /insurance/editNominee.php?nominee_id=. Root cause is unsafe handling of the nominee_id parameter, enabling arbitrary SQL execution. CVSS metrics in the record indicate Moderate to High impac...
Insurance Management System SQL注入漏洞
Insurance Management System is an insurance management system from the personal developer Angel Jude Reyes Suarez. Insurance Management System 1.0 is vulnerable to SQL injection, which could be exploited by attackers to obtain information about data in the target system...
PT-2022-19957 · Unknown · Insurance Management System
Name of the Vulnerable Software and Affected Versions: Insurance Management System version 1.0 Description: The issue concerns SQL Injection via the /insurance/clientStatus.php endpoint, specifically through the client id parameter. This allows for potential manipulation of database queries...
Insurance Management System SQL注入漏洞
Insurance Management System is an insurance management system from the personal developer Angel Jude Reyes Suarez. Insurance Management System 1.0 is vulnerable to SQL injection, which could be exploited by attackers to obtain information about data in the target system...
Ionize SQL注入漏洞
Ionize is a free professional and native multi-language PHP CMS. dedicated to web designers and web agencies to simply delight their customers. A security vulnerability exists in Ionize v1.0.8.1, which originates from a SQL injection point in application/models/articlemodel.php in the Insurance...
PT-2022-19961 · Unknown · Insurance Management System
Name of the Vulnerable Software and Affected Versions: Insurance Management System version 1.0 Description: The issue allows for SQL Injection via the "/insurance/editAgent.php?agent id=" endpoint, where an attacker can manipulate the agent id variable to inject malicious SQL code. Recommendation...
Insurance Management System SQL注入漏洞
Insurance Management System is an insurance management system from the personal developer Angel Jude Reyes Suarez. Insurance Management System 1.0 is vulnerable to SQL injection, which could be exploited by attackers to obtain information about data in the target system...
PT-2022-19962 · Unknown · Insurance Management System
Name of the Vulnerable Software and Affected Versions: Insurance Management System version 1.0 Description: The issue concerns SQL Injection via the /insurance/editNominee.php?nominee id= endpoint. This allows for potential manipulation of database queries using the nominee id parameter...