2828 matches found
PT-2024-1097 · Sourcecodester · Sourcecodester Engineers Online Portal
Name of the Vulnerable Software and Affected Versions: SourceCodester Engineers Online Portal version 1.0 Description: The issue is related to the lack of protection of the SQL query structure in the /admin/ component of the Admin Login feature. This allows a remote attacker to execute arbitrary...
WordPress Plugin GEO my WordPress SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin GEO my...
WordPress Plugin Page Generator SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...
CVE-2023-50589
Grupo Embras GEOSIAP ERP v2.2.167.02 was discovered to contain a SQL injection vulnerability via the codLogin parameter on the login page...
CVE-2023-4674
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yaztek Software Technologies and Computer Systems E-Commerce Software allows SQL Injection.This issue affects E-Commerce Software: through 20231229. NOTE: The vendor was contacted early about this...
PT-2023-31668 · Unknown · Login Lockdown
Name of the Vulnerable Software and Affected Versions: Login Lockdown – Protect Login Form versions n/a through 2.06 Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection'. This allows for potential exploitation by...
CVE-2023-50857
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...
CVE-2023-4671
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Talent Software ECOP allows Command Line Execution through SQL Injection. This issue affects ECOP: before 32255...
PT-2023-32912 · Unknown · Campcodes Online College Library System
Name of the Vulnerable Software and Affected Versions: Campcodes Online College Library System version 1.0 Description: A critical vulnerability has been found in the Search component of the Campcodes Online College Library System, affecting unknown code in the file index.php. The manipulation of...
PT-2023-32255 · WordPress · Wp Mail Log
Name of the Vulnerable Software and Affected Versions: WP Mail Log WordPress plugin versions prior to 1.1.3 Description: The issue arises from the WP Mail Log WordPress plugin not properly sanitizing and escaping a parameter before using it in a SQL statement, leading to a SQL injection. This can...
Water Billing System SQL Injection Vulnerability
SourceCodester Water Billing System is a water billing system from SourceCodester, Inc. A security vulnerability exists in code-projects Water Billing System version 1.0, which originates from an unknown section of /addbill.php that causes SQL injection via the parameter ownerid...
PT-2023-31294 · Unknown · Job Portal
Name of the Vulnerable Software and Affected Versions: Job Portal version 1.0 Description: The issue concerns an Unauthenticated SQL Injection vulnerability. Specifically, the txtTime parameter of the "Employer/InsertWalkin.php" resource does not validate the characters received, and they are sen...
PT-2023-31292 · Unknown · Job Portal
Name of the Vulnerable Software and Affected Versions: Job Portal version 1.0 Description: The issue concerns unauthenticated SQL Injection vulnerabilities. Specifically, the txtDesc parameter of the "Employer/InsertWalkin.php" resource does not validate the characters received, sending them...
Tongda2000 SQL Injection Vulnerability
Tongda2000 is a network intelligent office system of China Tongda Tongda Company. Tongda2000 11.9 and previous versions exist SQL injection vulnerability, the vulnerability stems from General/wiki/cp/ct/view.php in the existence of some unknown processing, through the parameter TEMPID lead to SQL...
CVE-2023-32128
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in a...
PT-2023-23148 · Unknown · Foxskav Easy Bet
Name of the Vulnerable Software and Affected Versions: Foxskav Easy Bet versions 1.0.2 and earlier Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection'. This allows attackers to inject malicious SQL code,...
CVE-2023-6898
A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Affected is an unknown function of the file manageuser.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The...
CVE-2023-48050
SQL injection vulnerability in Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance aka odoo-biometric-attendance v. 13.0 through 16.0.1 allows a remote attacker to execute arbitrary code and to gain privileges via the db parameter in the controllers/controllers.py...
CVE-2023-49363
Rockoa 2.3.3 is vulnerable to SQL Injection. The problem exists in the indexAction method in reimpAction.php...
RockOA Security Breach
RockOA Xinhuo is an open source office OA system. RockOA 2.3.3 before the version of a security vulnerability , the vulnerability stems from the vulnerability to SQL injection attacks...