2828 matches found
CVE-2023-40771
SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function...
PT-2023-9132 · Synology · Video Station
Name of the Vulnerable Software and Affected Versions: Video Station versions prior to 5.7.2 Description: A SQL injection issue affects Video Station, related to a lack of protection against SQL query structure attacks. This could allow a remote attacker to execute arbitrary code by injecting...
PT-2023-29578 · Unknown · Sourcecodester Inventory Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Inventory Management System version 1.0 Description: A critical vulnerability was found in the SourceCodester Inventory Management System. The issue affects an unknown functionality of the file staff data.php. The manipulation ...
CVE-2023-37438
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and...
CVE-2023-37432
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and...
CVE-2023-23563
An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to obtain sensitive database content via SQL Injection...
Aruba Networks EdgeConnect SD-WAN Orchestrator SQL Injection Vulnerability
Aruba Networks EdgeConnect is an edge connectivity management platform from Aruba Networks, USA. A security vulnerability exists in the Aruba Networks EdgeConnect SD-WAN Orchestrator that stems from an SQL injection vulnerability in the web-based management interface...
Online Travel Agency System SQL Injection Vulnerability
Online Travel Agency System is an online travel agency system by Qaseem Hilal Personal Developer. A security vulnerability exists in Online Travel Agency System version v.1.0, which can be exploited to execute arbitrary code from the id parameter of the dailyexpenditureedit.php file...
PHPJabbers Document Creator SQL Injection Vulnerability
PHPJabbers Document Creator is a PHPJabbers open source document creator. A security vulnerability exists in PHPJabbers Document Creator v1.0, which stems from an SQL injection in the column parameter of ndex.php...
ScienceLogic SL1 SQL Injection Vulnerability
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...
Nozomi Networks Guardian/CMC SQL Injection Vulnerability
Nozomi Networks Guardian/CMC is a centralized management console from Nozomi Networks, Inc. in the United States. An SQL injection vulnerability exists in Nozomi Networks Guardian/CMC that stems from incorrect input validation of sort parameters...
CVE-2023-3651
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digital Ant E-Commerce Software allows SQL Injection. This issue affects E-Commerce Software: before 11...
Maid Hiring Management System Cross-Site Scripting Vulnerability
PHPGurukul Maid Hiring Management System is a maid hiring management system from PHPGurukul, Inc. A security vulnerability exists in Maid Hiring Management System v1.0, which originates from a SQL injection vulnerability in the Search Maid page...
CVE-2023-4200
A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file productdata.php. The manipulation of the argument columns1data leads to SQL injection. The attack can be initiated remotely. The exploi...
BA Gallery SQL Injection Vulnerability in Joomla!
Joomla! is a set of forum components used in the Joomla! content management system. A security vulnerability exists in Joomla! BA Gallery that stems from improper neutralization of special elements, which can lead to SQL injection...
The vulnerability of the PHP platform pimcore, related to the lack of measures taken to protect the SQL query structure, allows attackers to carry out attacks based on SQL injections.
The vulnerability of the PHP platform pimcore is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to carry out attacks based on SQL injections...
Open-Xchange AppSuite SQL Injection Vulnerability
Open-Xchange AppSuite is a set of Web cloud desktop environments from Open-Xchange Germany. The environment allows users to more intuitively manage email, tasks, files, and more. An SQL injection vulnerability exists in Open-Xchange AppSuite, which stems from an SQL injection vulnerability in the...
PT-2023-20633 · Unknown · Cacheservice
Name of the Vulnerable Software and Affected Versions: cacheservice affected versions not specified Description: The cacheservice API could be exploited to indirectly inject parameters with SQL syntax that was not properly sanitized, allowing attackers to execute arbitrary SQL queries when creati...
CVE-2023-37647
SEMCMS v1.5 was discovered to contain a SQL injection vulnerability via the id parameter at /AntSuxin.php...
SEMCMS SQL Injection Vulnerability
SEMCMS is a foreign trade web content management system CMS that supports multiple languages. SEMCMS version 1.5 suffers from a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in the parameter id of /AntSuxin.php, which can be exploited b...