2820 matches found
EasyTest SQL Injection Vulnerability
EasyTest is an online learning quiz platform of China Huaqi Digital Technology Company. A security vulnerability exists in EasyTest due to insufficient validation of user input in the parameters of its Download function, which allows a remote attacker with normal user privileges to inject arbitra...
CVE-2022-4372
The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as...
IS_Projecto2 SQL Injection Vulnerability
ISProjecto2 is an application by individual developer Ricardo Simões. ISProjecto2 suffers from a SQL injection vulnerability that stems from misuse of the date parameter, resulting in SQL injection...
CVE-2022-46763
A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...
WordPress Plugin Contest Gallery SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
PT-2022-7106 · IBM · IBM Navigator for i
Name of the Vulnerable Software and Affected Versions: IBM Navigator for i versions 7.3 through 7.5. Description: The issue is related to the lack of protection for the SQL query structure in the IBM Navigator graphical interface of the IBM i operating system. This could allow a remote attacker to...
IBM Navigator for i SQL Injection Vulnerability
IBM Navigator for i is a console interface from International Business Machines (IBM), used on IBM i to perform and manage critical tasks. IBM Navigator for i is vulnerable to SQL injection in versions 7.3, 7.4, and 7.5. The vulnerability stems from the application's lack of validation of...
LMeve SQL Injection Vulnerability
LMeve is the Industry Manager and Contribution Tracker for EVE Online. LMeve suffers from a security vulnerability that stems from manipulation of the X-Forwarded-For parameter by some unknown functionality of its Login Page component, resulting in SQL injection...
CVE-2021-31650
A SQL injection vulnerability in Sourcecodester Online Grading System 1.0 allows remote attackers to execute arbitrary SQL commands via the uname parameter...
CVE-2022-20517
In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
CVE-2022-20518
In query of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-224770203...
CVE-2022-46072
Helmet Store Showroom v1.0 is vulnerable to unauthenticated SQL injection...
Canteen Management System SQL Injection Vulnerability
Canteen Management System is a cafeteria management system by individual developer Mayuri K. A security vulnerability exists in Canteen Management System that stems from incorrect manipulation of the customerid parameter, resulting in SQL injection...
Exploit for SQL Injection in Reputeinfosystems Bookingpress
CVE-2022-0739 Python PoC Exploit for CVE-2022-0739 https://n...
CVE-2022-3711
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA...
Canteen Management System SQL Injection Vulnerability
Canteen Management System is a cafeteria management system by individual developer Mayuri K. A security vulnerability exists in Canteen Management System. An attacker could exploit this vulnerability to perform a SQL injection attack...
PT-2022-26253 · Unknown · Online-Shopping-System-Advanced
Name of the Vulnerable Software and Affected Versions: Online-shopping-system-advanced version 1.0. Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the p parameter at the "/shopping/product.php" API endpoint. Recommendations: For...
JeecgBoot Jeecg-Boot SQL Injection Vulnerability
Jeecg-Boot is a code-generator-based low-code platform from the JeecgBoot community. A security vulnerability exists in Jeecg-Boot version v3.4.3: it contains a SQL injection vulnerability via the component /sys/dict/queryTableData...