2791 matches found
WordPress plugin Ultimate Gift Cards for WooCommerce SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. The WordPress Ultimate Gift Cards for WooCommerce plugin suffers from an SQL injection vulnerability that stems from the application's lack of validation of externally entered S...
CVE-2025-3951
The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations...
Marwal Infotech CMS injection vulnerability
Marwal Infotech CMS is a content management system from Marwal Infotech. An injection vulnerability exists in Marwal Infotech CMS version 1.0, which stems from SQL injection due to incorrect manipulation of the parameter ID in the file /page.php...
CVE-2025-5375
A vulnerability was found in PHPGurukul HPGurukul Online Birth Certificate System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/registered-users.php. The manipulation of the argument del leads to sql injection. It is possible to launch the attack...
CVE-2025-5365
A vulnerability was found in Campcodes Online Hospital Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/patient-search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate the attack remotely...
JeeWMS injection vulnerability
JeeWMS is a Java-based warehouse management system from China Huayi JeeWMS. An injection vulnerability exists in JeeWMS 20250504 and earlier versions, which stems from SQL injection in the function CgAutoListController of the file /cgAutoListController.do?datagrid...
SourceCodester Health Center Patient Record Management System security vulnerability
SourceCodester Health Center Patient Record Management System is a SourceCodester open source health center patient record management system. A security vulnerability exists in SourceCodester Health Center Patient Record Management System version 1.0, which is caused by a SQL injection due to an...
The vulnerability of the UpdateProject method in the software for managing and monitoring removed objects in telemetry and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the UpdateProject method in software for managing and monitoring removed objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...
CVE-2025-5298
A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/betweendates-detailsreports.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch th...
CampCodes Online Hospital Management System security vulnerability
CampCodes Online Hospital Management System is an online hospital management system from CampCodes, Inc. A security vulnerability exists in CampCodes Online Hospital Management System version 1.0, which is caused by a SQL injection due to an incorrect manipulation of the parameter adminremark in...
CampCodes Online Hospital Management System injection vulnerability
CampCodes Online Hospital Management System is an online hospital management system from CampCodes, Inc. An injection vulnerability exists in CampCodes Online Hospital Management System version 1.0, which originates from a SQL injection due to an incorrect operation of the Doctorspecialization...
llisoft MTA Maita Training System injection vulnerability
The llisoft MTA Maita Training System is a training system from China Dongke llisoft. An injection vulnerability exists in version 4.5 of the llisoft MTA Maita Training System, which results from an SQL injection due to the operation of the parameter stTypeIds...
CVE-2024-37843
Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint...
CVE-2024-1576
SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator password. This issue affects MegaBIP software versions through 5.09...
CVE-2024-37858
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/managecategory.php...
CVE-2024-5235
A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teachersalaryinvoice.php. The manipulation of the argument teacherid leads to sql injection. It is possible to launch the attack...
CVE-2024-10423
A vulnerability, which was classified as critical, was found in Project Worlds Student Project Allocation System 1.0. Affected is an unknown function of the file /student/projectselection/projectselection.php of the component Project Selection Page. The manipulation of the argument projectid lead...
CVE-2024-9011
A vulnerability, which was classified as critical, was found in code-projects Crud Operation System 1.0. Affected is an unknown function of the file updata.php. The manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2023-0758
A vulnerability was found in glorylion JFinalOA 1.0.2 and classified as critical. This issue affects some unknown processing of the file src/main/java/com/pointlion/mvc/common/model/SysOrg.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The...
CVE-2023-30016
SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via subeventid parameter in subeventdetailsedit.php...