711 matches found
Slims9 Bulian 9.4.2 - SQL Injection
Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. id: CVE-2021-45793 info: name: Slims9 Bulian 9.4.2 - SQL Injection author: nblirwn severity: high description: | Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data c...
EUVD-2026-21282
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
CVE-2026-6000
CVE-2026-6000 affects code-projects Online Library Management System 1.0, specifically the SQL Database Backup File Handler component handling the file /sql/library.sql. A manipulation of an unknown function leads to information disclosure. The vulnerability allows a remote attacker to access sen...
CVE-2026-6000 code-projects Online Library Management System SQL Database Backup File library.sql information disclosure
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
CVE-2026-6000 code-projects Online Library Management System SQL Database Backup File library.sql information disclosure
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...
Code-Projects Online Library Management System 访问控制错误漏洞
The Code-Projects Online Library Management System is an open-source online library management system developed by Code-Projects. Version 1.0 of the Code-Projects Online Library Management System contains a vulnerability related to access control. This vulnerability stems from incorrect operation...
EUVD-2026-14698
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack can be initiated...
CVE-2026-4624
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack can be initiated...
CVE-2026-4624
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack can be initiated...
CVE-2026-4624 SourceCodester Online Library Management System Parameter home.php sql injection
A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack can be initiated...
Alienor Web Libre SQL注入漏洞
Alienor Web Libre is a library management system developed by the Alienor company. Version 2.0 of Alienor Web Libre contains a SQL injection vulnerability. This vulnerability stems from the identifiant parameter in the index.php file, which allows for SQL injections, potentially enabling the...
CVE-2025-12707
The Library Management System plugin for WordPress is vulnerable to SQL Injection via the 'bid' parameter in all versions up to, and including, 3.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
WordPress Library Management System plugin <= 3.2.1 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by WordFence in WordPress Plugin Library Management System versions = 3.2.1...
CVE-2025-12707
The Library Management System plugin for WordPress is vulnerable to SQL Injection in all versions up to and including 3.2.1 via the bid parameter, due to insufficient escaping of user input and lack of proper query preparation. This allows unauthenticated attackers to append additional SQL querie...
CVE-2025-12707 Library Management System <= 3.2.1 - Unauthenticated SQL Injection
The Library Management System plugin for WordPress is vulnerable to SQL Injection via the 'bid' parameter in all versions up to, and including, 3.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
CVE-2025-12707 Library Management System <= 3.2.1 - Unauthenticated SQL Injection
The Library Management System plugin for WordPress is vulnerable to SQL Injection via the 'bid' parameter in all versions up to, and including, 3.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
PT-2026-20585
Name of the Vulnerable Software and Affected Versions Library Management System versions prior to 3.2.2 Description The Library Management System plugin for WordPress is susceptible to SQL Injection due to inadequate input validation and query preparation. Specifically, the bid parameter is not...
CVE-2020-36954
Xeroneit Library Management System 3.1 contains a stored cross-site scripting vulnerability in the Book Category feature that allows administrators to inject malicious scripts. Attackers can insert a payload in the Category Name field to execute arbitrary JavaScript code when the page is loaded...
CVE-2020-36954 Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS
Xeroneit Library Management System 3.1 contains a stored cross-site scripting vulnerability in the Book Category feature that allows administrators to inject malicious scripts. Attackers can insert a payload in the Category Name field to execute arbitrary JavaScript code when the page is loaded...
CVE-2020-36954
CVE-2020-36954 affects Xeroneit Library Management System 3.1. The vulnerability is a stored cross-site scripting (XSS) in the Book Category feature, where an attacker can inject a payload into the Category Name field and have arbitrary JavaScript execute when the page loads. The exploitation hin...