2820 matches found
Online Diagnostic Lab Management System SQL injection vulnerability
Online Diagnostic Lab Management System is an online diagnostic lab management system. Online Diagnostic Lab Management System v1.0 has a SQL injection vulnerability, which can be exploited to perform SQL injection via the id parameter of /odlms/admin/?page=appointments/viewappointment...
CVE-2022-3802
A vulnerability has been found in IBAX go-ibax and classified as critical. This vulnerability affects unknown code of the file /api/v2/open/rowsInfo. The manipulation of the argument where leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...
Online Diagnostic Lab Management System SQL injection vulnerability
Online Diagnostic Lab Management System is an online diagnostic lab management system. A SQL injection vulnerability exists in Online Diagnostic Lab Management System v1.0 via the id parameter of /appointments/updatestatus.php...
PT-2022-20193 · Red Os · Red Os
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue allows for SQL injection, both authenticated and unauthenticated, through a vulnerable parameter. This parameter can be used to craft and inject complex SQL commands due t...
WordPress plugin WordPress Classifieds Plugin SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
Canteen Management System SQL injection vulnerability
Canteen Management System is a cafeteria management system by individual developer Mayuri K. A SQL injection vulnerability exists in Canteen Management System version 1.0, which stems from the userid parameter of /phpaction/fetchOrderData.php being susceptible to SQL injection...
SEMCMS SQL injection vulnerability
SEMCMS is a multilingual content management system (CMS) for foreign trade websites. A SQL injection vulnerability exists in SEMCMS SHOP version 1.1, which stems from a SQL injection issue in AntMenu.php...
Online Medicine Ordering System security vulnerability
Online Medicine Ordering System is an online medicine ordering system by Carlo Montero, an individual developer. A security vulnerability exists in version 1.0 of the Online Medicine Ordering System due to an unknown function in its admin/?page=orders/vieworder file that operates on the parameter...
WordPress plugin Spam protection SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blogs on PHP and MySQL servers. ghost is a plugin for importing/exporting WordPress data, and WordPress plugin is an...
Best Student Result Management System SQL injection vulnerability
Best Student Result Management System is a student result management system by individual developer Mayuri K. A security vulnerability exists in version 1.0 of Best Student Result Management System, which stems from an SQL injection issue in the /upresult/upresult/notice-details.php?nid= locatio...
OpenCats SQL injection vulnerability
OpenCats is an open source recruitment process management system. OpenCats v0.9.6 suffers from a SQL injection vulnerability that stems from a security issue with the entriesPerPage variable. No details of the vulnerability are provided at this time...
PT-2022-24886 · Ree6 · Ree6
Name of the Vulnerable Software and Affected Versions: Ree6 versions prior to 1.7.0 Description: This issue allows manipulation of SQL queries. The estimated number of potentially affected devices is not provided. There are no reported real-world incidents where this issue was exploited. The issu...
PT-2022-26431 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the handling of...
The vulnerability of the index.php implementation in the Metinfo CMS system allows a perpetrator to execute arbitrary SQL code.
The vulnerability of the index.php script implementation in the Metinfo CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
SourceCodester Food Ordering Management System security vulnerability
Food Ordering Management System is a food ordering management system by individual developer Carlo Montero. The Food Ordering Management System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements by username, and can be exploited by attackers...
JFinal SQL injection vulnerability
JFinal is an open source Java-based web and ORM framework. JFinal CMS version 5.1.0 has a SQL injection vulnerability, which stems from several of its interfaces not using the same components and not applying filters, with each interface using its own SQL connection method, an attacke...
PT-2022-25367 · Unknown · Wedding Planner
Name of the Vulnerable Software and Affected Versions: Wedding Planner version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/admin/feature edit.php" API endpoint. Recommendations: For Wedding Planner versi...
Online Banking System SQL injection vulnerability
Online Banking System is an online banking system developed using PHP and MySQL. v1.0 of Online Banking System has a security vulnerability that originates in the searchterm parameter in the /net-banking/customertransactions.php location. term parameter in /net-banking/customertransactions.php ha...
PT-2022-21153 · Unknown · Rocket.Chat
Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions prior to 3.18.6 Rocket.Chat versions prior to 4.4.4 Rocket.Chat versions prior to 4.7.3 Description: A SQL injection issue exists, allowing an attacker to retrieve a reset password token or a 2fa secret. Recommendations:...
CVE-2022-2177
Kayrasoft product before version 2 has an unauthenticated SQL Injection vulnerability. This is fixed in version 2...