2828 matches found

CNNVD
added 2023/09/29 12:0 a.m. · 5 views

Engineers Online Portal SQL Injection Vulnerability

Engineers Online Portal is an open source online portal. It is developed using PHP, MySQL database, HTML, CSS, JavaScript, jQuery, Ajax, Bootstrap and some other libraries. Engineers Online Portal suffers from a SQL injection vulnerability that stems from manipulation of the id parameter that...

9.8 CVSS · 8.2 AI score · 0.00684 EPSS
Exploits 1 · References 4
CNNVD
added 2023/09/29 12:0 a.m. · 3 views

DedeBIZ SQL Injection Vulnerability

DedeBIZ is a content management system from China Muyun Intelligent Technology DedeBIZ company. A SQL injection vulnerability exists in DedeBIZ version 6.2, which stems from the fact that incorrect manipulation of the parameter ids can lead to SQL injection...

8.8 CVSS · 8.3 AI score · 0.0054 EPSS
Exploits 1 · References 5
CNNVD
added 2023/09/29 12:0 a.m. · 2 views

Hospital Management System SQL Injection Vulnerability

Hospital Management System (HMS) is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. Hospital Management System has a SQL injection vulnerability that stems from the discovery of a contained SQL injection vulnerability...

9.1 CVSS · 7.9 AI score · 0.0067 EPSS
Exploits 1 · References 2
OSV
added 2023/09/28 4:15 p.m. · 2 views

CVE-2023-30415

Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /inquiries/viewinquiry.php...

9.8 CVSS · 5.8 AI score · 0.00838 EPSS
Exploits 1 · References 2
CNNVD
added 2023/09/28 12:0 a.m. · 2 views

ZOHO ManageEngine Asset Management System SQL Injection Vulnerability

ZOHO ManageEngine Asset Management System is an asset management solution from ZOHO. An authenticated SQL injection vulnerability exists in ZOHO ManageEngine Asset Management System v1.0 that could allow an authenticated attacker to...

8.8 CVSS · 7.7 AI score · 0.00646 EPSS
Exploits 1 · References 3
CNNVD
added 2023/09/28 12:0 a.m. · 3 views

Packers and Movers Management System SQL Injection Vulnerability

Packers and Movers Management System is a packers and movers management system by individual developer Carlo Montero. A SQL injection vulnerability exists in Packers and Movers Management System v1.0 in the id parameter via...

9.8 CVSS · 8 AI score · 0.00838 EPSS
Exploits 1 · References 3
OSV
added 2023/09/27 8:15 p.m. · 5 views

CVE-2023-44047

Sourcecodester Toll Tax Management System v1 is vulnerable to SQL Injection...

7.2 CVSS · 5.8 AI score · 0.00655 EPSS
Exploits 1 · References 2
Positive Technologies
added 2023/09/25 12:0 a.m. · 3 views

PT-2023-27044 · Unknown · Uplight Cookiebanner

Name of the Vulnerable Software and Affected Versions: UpLight cookiebanner versions prior to 1.5.1. Description: The issue is related to a SQL injection vulnerability via the component Hook::getHookModuleExecList. This vulnerability was discovered in UpLight cookiebanner. Recommendations: For...

9.8 CVSS · 8.2 AI score · 0.00504 EPSS
Exploits 0 · References 7
Positive Technologies
added 2023/09/21 12:0 a.m. · 3 views

PT-2023-28755 · Phpjabbers · Phpjabbers Php Shopping Cart

Name of the Vulnerable Software and Affected Versions: Phpjabbers PHP Shopping Cart version 4.2. Description: The issue is related to SQL Injection via the id parameter. This allows for potential exploitation. No information is provided about the estimated number of potentially affected devices...

7.5 CVSS · 8.5 AI score · 0.00562 EPSS
Exploits 1 · References 9
OSV
added 2023/09/20 5:15 p.m. · 2 views

CVE-2023-42660

In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer machine interface that could allow an authenticated attacker to gain unauthorized access to the MOVEit...

8.8 CVSS · 5.8 AI score · 0.00577 EPSS
Exploits 0 · References 2
CNNVD
added 2023/09/20 12:0 a.m. · 3 views

HotelDruid SQL Injection Vulnerability

Hoteldruid is a free and open source hotel management program from Hoteldruid. A security vulnerability exists in HotelDruid version v3.0.5, which stems from a SQL injection vulnerability in the parameter nutenteagg...

9.8 CVSS · 8 AI score · 0.03753 EPSS
Exploits 1 · References 2
Positive Technologies
added 2023/09/19 12:0 a.m. · 3 views

PT-2023-22220 · Nozomi Networks · Nozomi Networks Cmc +1

Name of the Vulnerable Software and Affected Versions: Nozomi Networks Guardian and CMC (affected versions not specified). Description: A SQL Injection issue, due to improper input validation in certain fields used in the Asset Intelligence functionality of the IDS, may allow an unauthenticated...

9.2 CVSS · 8.6 AI score · 0.00499 EPSS
Exploits 0 · References 10
CNNVD
added 2023/09/17 12:0 a.m. · 3 views

OpenRapid RapidCMS SQL Injection Vulnerability

OpenRapid RapidCMS is a fast and easy to use open source CMS from OpenRapid. OpenRapid RapidCMS version 1.3.1 has a SQL injection vulnerability, which stems from the file /admin/article/article-add.php...

6.5 CVSS · 7.9 AI score · 0.00421 EPSS
Exploits 1 · References 5
CNNVD
added 2023/09/17 12:0 a.m. · 2 views

TONGDA Office Anywhere SQL Injection Vulnerability

TONGDA Office Anywhere is a collaborative office OA system. A SQL injection vulnerability exists in TONGDA Office Anywhere 11.10 and earlier versions, which stems from a SQL injection vulnerability in the parameter PLANID...

8.8 CVSS · 8 AI score · 0.00588 EPSS
Exploits 1 · References 5
Positive Technologies
added 2023/09/15 12:0 a.m. · 3 views

PT-2023-31400 · Infinitietech · Infinitietech Taskhub

Name of the Vulnerable Software and Affected Versions: infinitietech taskhub version 2.8.7. Description: A critical issue has been found in the GET Parameter Handler component, specifically affecting the /home/get tasks list file. The manipulation of the project/status/user id/sort/search argument...

8 CVSS · 6.3 AI score · 0.00692 EPSS
Exploits 5 · References 4
ATTACKERKB
added 2023/09/14 6:15 p.m. · 0 views

CVE-2023-4832

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aceka Company Management allows SQL Injection. This issue affects Company Management: before 3072...

9.8 CVSS · 7.4 AI score · 0.0055 EPSS
Exploits 0 · References 3
OSV
added 2023/09/14 4:15 p.m. · 2 views

CVE-2023-42178

Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...

6.5 CVSS · 5.8 AI score · 0.00484 EPSS
Exploits 1 · References 2
GithubExploit
added 2023/09/09 7:37 a.m. · 6 views

Exploit for SQL Injection in Simple_Online_Piggery_Management_System_Project Simple_Online_Piggery_Management_System

Online Piggery Farm Management Syst...

9.8 CVSS · 7.4 AI score · 0.15033 EPSS
Exploits 7
SUSE CVE
added 2023/09/07 2:34 a.m. · 1 views

SUSE CVE-2023-39361

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graphview.php. Since guest users can access graphview.php without authentication by default, if guest users are being utilized in an enabled state, there...

9.8 CVSS · 8.9 AI score · 0.87575 EPSS
Exploits 2 · References 4
ATTACKERKB
added 2023/09/05 8:15 p.m. · 3 views

CVE-2023-39654

abupy up to v0.4.0 was discovered to contain a SQL injection vulnerability via the component abupy.MarketBu.ABuSymbol.searchtosymboldict...

9.8 CVSS · 5.7 AI score · 0.00744 EPSS
Exploits 1 · References 3