2828 matches found

CNNVD
added 2024/03/17 12:0 a.m. · 2 views

Fujian Kelixin Command and Dispatch Platform SQL Injection Vulnerability

Fujian Kelixin Command and Dispatch Platform is a command and dispatch platform from Fujian Kelixin Company. A SQL injection vulnerability exists in Fujian Kelixin Command and Dispatch Platform version 20240313 and earlier versions, which stems from an incorrect operation of the parameter imei th...

CVSS 9.8 · AI score 8.6 · EPSS 0.00617
Exploits: 0 · References: 4

CNNVD
added 2024/03/17 12:0 a.m. · 4 views

Employee Task Management System SQL Injection Vulnerability

Employee Task Management System is an employee task management system by individual developer Carlo Montero. A SQL injection vulnerability exists in Employee Task Management System version 1.0, which stems from an incorrect operation of the parameter adminid that can result in a SQL injection...

CVSS 8.8 · AI score 8.4 · EPSS 0.00695
Exploits: 1 · References: 4

OSV
added 2024/03/07 9:15 a.m. · 2 views

CVE-2022-46498

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the docnumber parameter at hisadminviewsingleemployee.php...

CVSS 2.7 · AI score 5.8 · EPSS 0.00443
Exploits: 0 · References: 1

Positive Technologies
added 2024/03/07 12:0 a.m. · 3 views

PT-2024-21157 · Unknown · Cd Custom Fields 4 Orders

Name of the Vulnerable Software and Affected Versions: CD Custom Fields 4 Orders version 1.0.0 and earlier
Description: A SQL injection issue exists, allowing a guest to perform malicious actions.
Recommendations: For versions 1.0.0 and earlier, update to a version later than 1.0.0 to resolve the...

CVSS 9.8 · AI score 8.3 · EPSS 0.00591
Exploits: 0 · References: 4

OSV
added 2024/03/06 11:1 a.m. · 15 views

BIT-PINNIPED-2022-22975

An issue was discovered in the Pinniped Supervisor with either LDAPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name (CN) of their user entry on the LDAP or AD server to include special characters, which could be used ...

CVSS 6.6 · AI score 6.8 · EPSS 0.00905
Exploits: 0 · References: 2

CNNVD
added 2024/03/05 12:0 a.m. · 3 views

Customer Support System Security Vulnerability

Customer Support System is a customer support system by individual developer oretnom23 that helps a particular business or company provide customer support after a customer has purchased a product from them. Customer Support System suffers from a SQL injection vulnerability that originates from...

CVSS 9.8 · AI score 8.3 · EPSS 0.00818
Exploits: 1 · References: 3

CNNVD
added 2024/03/03 12:0 a.m. · 3 views

CodeAstro Membership Management System SQL Injection Vulnerability

CodeAstro Membership Management System is a membership management system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Membership Management System version 1.0, which originates from a SQL injection vulnerability in the parameter currency in the file settings.php...

CVSS 7.2 · AI score 7.9 · EPSS 0.00624
Exploits: 1 · References: 4

Positive Technologies
added 2024/03/01 12:0 a.m. · 2 views

PT-2024-18685 · Sourcecodester · Sourcecodester Petrol Pump Management

Name of the Vulnerable Software and Affected Versions: SourceCodester Petrol Pump Management Software version 1.0
Description: A critical issue has been found in the software, affecting the file /admin/app/login crud.php. The manipulation of the email argument leads to SQL injection. It is possib...

CVSS 7.2 · AI score 5.8 · EPSS 0.00526
Exploits: 0 · References: 8

Positive Technologies
added 2024/03/01 12:0 a.m. · 2 views

PT-2024-18687 · Sourcecodester · Sourcecodester Petrol Pump Management

Name of the Vulnerable Software and Affected Versions: SourceCodester Petrol Pump Management Software version 1.0
Description: A critical issue has been found in the software, affecting the processing of the file /admin/edit categories.php. The manipulation of the id argument leads to sql...

CVSS 7.2 · AI score 5.5 · EPSS 0.00547
Exploits: 0 · References: 8

OSV
added 2024/02/29 7:15 a.m. · 2 views

CVE-2024-1982

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the getrestoreprogress and restore functions in all versions up to, and including, 0.9.68. This makes it possible for unauthenticated attackers to exploit a SQL...

CVSS 9.1 · AI score 7.3
Exploits: 0 · References: 3

CNNVD
added 2024/02/29 12:0 a.m. · 4 views

Library Management System SQL Injection Vulnerability

Library Management System is a library management system with QR code attendance and automatic library card generation by individual developer King Albaracin. A SQL injection vulnerability exists in Library Management System version 2.0, which stems from the presence of a SQL injection vulnerabilit...

CVSS 9.8 · AI score 8.2 · EPSS 0.00961
Exploits: 1 · References: 4

CNNVD
added 2024/02/29 12:0 a.m. · 3 views

WordPress Plugin Migration, Backup, Staging Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers. WordPress plugin is an...

CVSS 9.8 · AI score 9.1 · EPSS 0.01075
Exploits: 1 · References: 4

CNNVD
added 2024/02/28 12:0 a.m. · 4 views

WordPress Plugin Malware Scanner SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

CVSS 7.6 · AI score 7.8 · EPSS 0.00541
Exploits: 0 · References: 2

CNNVD
added 2024/02/27 12:0 a.m. · 2 views

Likeshop Security Breach

Likeshop is a complete solution for social commerce strategies from Likeshop Open Source. A security vulnerability exists in Likeshop versions prior to 2.5.7 that stems from the presence of a SQL injection vulnerability that allows attackers to run arbitrary SQL commands via the...

CVSS 7.2 · AI score 8.1 · EPSS 0.00668
Exploits: 1 · References: 2

Positive Technologies
added 2024/02/22 12:0 a.m. · 4 views

PT-2024-5191

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified
Description: This issue allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. The specific flaw exis...

CVSS 9 · AI score 8.8 · EPSS 0.01862
Exploits: 0 · References: 9

CNNVD
added 2024/02/21 12:0 a.m. · 2 views

PMB SQL Injection Vulnerability

PMB is a 100% free document management reference tool from the PMB Services team. A SQL injection vulnerability exists in PMB version v.7.4.7, which originates from a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code via the thesaurus parameter in...

CVSS 7.5 · AI score 8.7 · EPSS 0.00919
Exploits: 1 · References: 2

CNNVD
added 2024/02/14 12:0 a.m. · 2 views

Employee Managment System SQL Injection Vulnerability

Employee Managment System is an employee management system. An SQL injection vulnerability exists in Employee Managment System v1.0, which originates from a SQL injection vulnerability in the file /delete.php...

CVSS 7.2 · AI score 7.9 · EPSS 0.00716
Exploits: 1 · References: 2

OSV
added 2024/02/08 9:15 a.m. · 1 views

CVE-2024-1207

The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the 'calendarrequestparamsdatesddmmyycsv' parameter in all versions up to, and including, 9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

CVSS 9.8 · AI score 7.3
Exploits: 0 · References: 2

CNNVD
added 2024/02/08 12:0 a.m. · 2 views

Novel-Plus SQL Injection Vulnerability

Novel-Plus is an online social reading and writing platform from Novel-Plus, Inc. A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and earlier versions, which stems from a SQL injection vulnerability in the path /system/dataPerm/list...

CVSS 9.8 · AI score 7.9 · EPSS 0.00609
Exploits: 0 · References: 3

CNNVD
added 2024/02/06 12:0 a.m. · 3 views

jshERP SQL Injection Vulnerability

jshERP Huaxia ERP is a homegrown ERP system developed by a Chinese individual developer, Ji Sheng Hua. A SQL injection vulnerability exists in jshERP v3.3, which is caused by insufficient filtering of the "column" and "order" parameters...

CVSS 9.8 · AI score 8 · EPSS 0.00769
Exploits: 1 · References: 4