2828 matches found

CNNVD
added 2025/04/30 12:0 a.m. · views: 2

PHPGurukul Pre-School Enrollment System Injection Vulnerability

Pre-School Enrollment System is a web-based preschool enrollment system. The Pre-School Enrollment System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Status in file /admin/visitor-details.php. An...

CVSS 8.8 · AI score 8.2 · EPSS 0.00343
Exploits: 1 · References: 5

CNVD
added 2025/04/30 12:0 a.m. · views: 1

Rail Pass Management System /admin/search-pass.php File SQL Injection Vulnerability

Rail Pass Management System is a rail pass management system. The Rail Pass Management System suffers from a SQL injection vulnerability that occurs when the searchdata parameter in the /admin/search-pass.php file is not properly filtered. An attacker can exploit this vulnerability to obtain...

CVSS 9.8 · AI score 7.6 · EPSS 0.00421
Exploits: 1 · References: 1

CNNVD
added 2025/04/29 12:0 a.m. · views: 3

PHPGurukul Rail Pass Management System Security Vulnerability

Rail Pass Management System is a rail pass management system. The Rail Pass Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter editid in the file /admin/changeimage.php. An attacker can...

CVSS 9.8 · AI score 8.2 · EPSS 0.00478
Exploits: 1 · References: 5

BDU FSTEC
added 2025/04/23 12:0 a.m. · views: 2

The vulnerability of the software for managing and monitoring remote devices in telemetry and telemechanics systems, related to the lack of measures taken to protect the SQL query structure, allows a perpetrator to execute arbitrary SQL queries.

The vulnerability of software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVSS 9 · AI score 6 · EPSS 0.00604
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2025/04/23 12:0 a.m. · views: 2

The vulnerability of the software for managing and monitoring remote devices in telemetry and telemechanics systems, related to the lack of measures taken to protect the SQL query structure, allows a perpetrator to execute arbitrary SQL queries.

The vulnerability of software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVSS 9 · AI score 6 · EPSS 0.00604
Exploits: 0 · References: 3 · Affected Software: 1

OSV
added 2025/04/22 10:15 a.m. · views: 3

CVE-2025-46252

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kofimokome Message Filter for Contact Form 7 allows SQL Injection. This issue affects Message Filter for Contact Form 7: from n/a through 1.6.3.2...

CVSS 7.2 · AI score 5.8 · EPSS 0.00317
Exploits: 0 · References: 1

CNNVD
added 2025/04/19 12:0 a.m. · views: 3

webpy Injection Vulnerability

webpy is a simple and powerful open source Python web framework from webpy. An injection vulnerability exists in webpy version 0.70, which stems from an incorrect manipulation of the parameter seqname in the file web/db.py resulting in SQL injection...

CVSS 6.5 · AI score 6.8 · EPSS 0.00264
Exploits: 0 · References: 6

CNNVD
added 2025/04/19 12:0 a.m. · views: 1

SourceCodester Online Eyewear Shop Injection Vulnerability

SourceCodester Online Eyewear Shop is a SourceCodester open source online eyewear store website project developed using PHP and MySQL, which provides an online shopping and ordering platform for the eyewear business and its potential customers. An injection vulnerability exists in SourceCodester...

CVSS 8.8 · AI score 7 · EPSS 0.00406
Exploits: 1 · References: 5

NCSC
added 2025/04/17 7:14 a.m. · views: 6

Vulnerabilities fixed in Siemens TeleControl Server

Siemens has fixed vulnerabilities in TeleControl Server Basic. The vulnerabilities are in how the TeleControl Server Basic allows SQL injection through various methods, such as 'CreateTrace,' 'VerifyUser,' 'Authenticate,' and many others. These vulnerabilities allow unauthenticated and...

CVSS 9.8 · AI score 8.2 · EPSS 0.00807
Exploits: 0 · References: 1

CNNVD
added 2025/04/16 12:0 a.m. · views: 4

Siemens TeleControl Server Basic SQL Injection Vulnerability

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method GetUsers, which can be exploited by an attacker to bypass authorizatio...

CVSS 8.8 · AI score 8.4 · EPSS 0.00604
Exploits: 0 · References: 2

CNNVD
added 2025/04/16 12:0 a.m. · views: 1

Siemens TeleControl Server Basic SQL Injection Vulnerability

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UnlockGeneralSettings, which can be exploited by an attacker to bypass...

CVSS 8.8 · AI score 8.4 · EPSS 0.00604
Exploits: 0 · References: 2

CNNVD
added 2025/04/16 12:0 a.m. · views: 2

Siemens TeleControl Server Basic SQL Injection Vulnerability

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, UnlockGateway, which can be exploited by an attacker to bypass authorization controls an...

CVSS 8.8 · AI score 8.5 · EPSS 0.00604
Exploits: 0 · References: 2

CNNVD
added 2025/04/16 12:0 a.m. · views: 2

SourceCodester Web-based Pharmacy Product Management System Injection Vulnerability

SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source Web-based pharmacy product management system. An injection vulnerability exists in version 1.0 of the SourceCodester Web-based Pharmacy Product Management System, which originates from a SQL injection due ...

CVSS 8.8 · AI score 6.8 · EPSS 0.00405
Exploits: 1 · References: 5

Positive Technologies
added 2025/04/16 12:0 a.m. · views: 3

PT-2025-16854 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2
Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

CVSS 9 · AI score 7.5 · EPSS 0.00525
Exploits: 0 · References: 4

CNNVD
added 2025/04/16 12:0 a.m. · views: 2

Siemens TeleControl Server Basic SQL Injection Vulnerability

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that can be exploited by an attacker to bypass authorization controls and execute arbitrary code...

CVSS 8.8 · AI score 8.4 · EPSS 0.00525
Exploits: 0 · References: 2

CNNVD
added 2025/04/15 12:0 a.m. · views: 2

WordPress plugin Kargo Entegratör SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A SQL injection...

CVSS 7.6 · AI score 8.3 · EPSS 0.00355
Exploits: 0 · References: 2

CNNVD
added 2025/04/11 12:0 a.m. · views: 2

ClickHouse Environment Issue Vulnerability

ClickHouse is an open source database from ClickHouse, one of the fastest and most resource-efficient open source databases for real-time applications and analytics. A security vulnerability exists in ClickHouse that originates when a query contains large uncompressed malicious external data, which allows an...

CVSS 5.9 · AI score 3.9 · EPSS 0.00322
Exploits: 0 · References: 3

CNNVD
added 2025/04/10 12:0 a.m. · views: 1

WordPress plugin CardGate CardGate Payments for WooCommerce SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin...

CVSS 8.2 · AI score 8.9 · EPSS 0.00272
Exploits: 0 · References: 1

CNNVD
added 2025/04/09 12:0 a.m. · views: 3

jerryhanjj ERP Security Vulnerability

jerryhanjj ERP is an ERP import, export, storage and marketing system developed by Jerry's personal developer. A security vulnerability exists in jerryhanjj ERP version 1.0, which is caused by a SQL injection in the setpassword function of home.php...

CVSS 8.8 · AI score 7.8 · EPSS 0.00373
Exploits: 1 · References: 2

OSV
added 2025/04/07 2:15 p.m. · views: 0

CVE-2025-27686

Dell Unisphere for PowerMax, versions prior to 10.2.0.9 and PowerMax versions prior to PowerMax 9.2.4.15, contain an Improper Neutralization of Special Elements used in an LDAP Query 'LDAP Injection' vulnerability. A high privileged attacker with remote access could potentially exploit this...

CVSS 4.7 · AI score 5.9 · EPSS 0.00233
Exploits: 0 · References: 1