2820 matches found
72crm SQL injection vulnerability
72crm is an open-source CRM system from China's 72crm, based on TP5.0 + ElementUI. Version 9.0 of 72crm has a security vulnerability that stems from SQL injection when viewing the task calendar...
Gym Management System SQL injection vulnerability
Gym Management System is a gym management system. The system is developed in C and SQL Server and features customer and vendor management, product management, sales management, gym membership management, fitness assessment, system logging, database backup and restore. A SQL injection vulnerabilit...
PT-2022-21709 · Wwbn · Avideo
Name of the Vulnerable Software and Affected Versions: WWBN AVideo versions 11.6 Description: A SQL injection issue exists in the ObjectYPT functionality, allowing an attacker to inject SQL by manipulating the videoDownloadedLink or duration parameter in the aVideoEncoder functionality, which can...
CVE-2022-34773
Tabit - HTTP Method manipulation. https://bridge.tabit.cloud/configuration/addresses-query - can be POST-ed to add addresses to the DB. This is an example of OWASP:API8 – Injection...
novel-plus SQL injection vulnerability
novel-plus is a multi-end (PC, WAP) reading, full-featured original literature CMS system. A security vulnerability exists in novel-plus v3.6.1, which is caused by an SQL injection vulnerability in the keyword parameter in /service/impl/BookServiceImpl.java...
CVE-2022-36242
Clinic's Patient Management System v1.0 is vulnerable to SQL Injection via /pms/updatemedicine.php?id=...
WordPress Plugin be-popia-compliant SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. The WordPress Plugin be-popia-compliant...
PT-2022-18203 · Unknown · Sourcecodester Online Class/Exam Scheduling System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Class and Exam Scheduling System version 1.0 Description: A critical vulnerability was found in the SourceCodester Online Class and Exam Scheduling System, affecting an unknown functionality of the file /pages/faculty...
Interview Management System SQL injection vulnerability
Interview Management System is an interview management system by the individual developer janobe. A SQL injection vulnerability exists in version 1.0 of Interview Management System, which stems from some unknown handling code in /viewReport.php where entering a special string for the parameter id c...
Online Admission System SQL injection vulnerability
Online Admission System is an online admission system by the individual developer RASHMI KUMARI. The Online Admission System suffers from a SQL injection vulnerability that stems from an unknown function in its GET parameter handling component that operates on the parameter eid, which could lead ...
CVE-2022-35864
This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It! 20.21.02.109. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetPopupSubQueryDetails endpoint. The issue results from the lack of...
WordPress Plugin JS Help Desk SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
CVE-2022-34950
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editproduct.php...
Pharmacy Management System SQL injection vulnerability
Pharmacy Management System (MPMS) is a multi-lingual pharmacy management system by the individual developer Mayuri K. Version v1.0 of Pharmacy Management System is vulnerable to SQL injection: the startDate parameter in getsalereport.php lacks validation f...
CVE-2022-22280
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions...
CVE-2022-36161
Orange Station 1.0 was discovered to contain a SQL injection vulnerability via the username parameter...
CVE-2022-29709
CommuniLink Internet Limited CLink Office v2.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters...
CVE-2017-20134
A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of the argument sk leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2022-32056
Online Accreditation Management v1.0 was discovered to contain a SQL injection vulnerability via the USERNAME parameter at process.php...
Hospital Management System SQL injection vulnerability
Hospital Management System (HMS) is a computer system that helps manage health care-related information and helps health care providers do their jobs efficiently. Hospital Management System v1.0 is vulnerable to a SQL injection vulnerability that originates in the doctorlogin.php page. A SQL...