2793 matches found

Positive Technologies
added 2025/01/09 12:0 a.m. · 9 views

PT-2025-2914 · Unknown · Fancy Product Designer

Name of the Vulnerable Software and Affected Versions: Fancy Product Designer versions n/a through 6.4.3 Description: The issue is related to an improper neutralization of special elements used in an SQL command, also known as a SQL Injection vulnerability. This vulnerability can allow an attacke...

CVSS 9.3 · AI score 9.8 · EPSS 0.15489
Exploits 2 · References 9

CNNVD
added 2025/01/07 12:0 a.m. · 3 views

Code-Projects Online Book Shop Security Vulnerability

Code-Projects Online Book Shop is a Code-Projects open source online bookstore. A security vulnerability exists in Code-Projects Online Book Shop version 1.0, which originates from an SQL injection vulnerability in the usernm parameter of the /processlogin.php page...

CVSS 9.8 · AI score 7 · EPSS 0.00873
Exploits 1 · References 6

OSV
added 2025/01/05 10:15 p.m. · 1 view

CVE-2025-0232

A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /successadmin.php. The manipulation of the argument psw leads to sql injection. The attack may be launched remotely. The exploit has...

CVSS 8.8 · AI score 5.8 · EPSS 0.00499
Exploits 1 · References 4

Patchstack
added 2025/01/03 3:16 p.m. · 4 views

WordPress BSK Forms Blacklist plugin <= 3.9 - CSRF to SQL Injection vulnerability

CSRF to SQL Injection vulnerability discovered by minhtuanact Patchstack Alliance in WordPress Plugin BSK Forms Blacklist versions <= 3.9...

CVSS 8.2 · AI score 8 · EPSS 0.00187
Exploits 0 · Affected Software 1

CNNVD
added 2025/01/03 12:0 a.m. · 4 views

Code-Projects Point of Sales and Inventory Management System Injection Vulnerability

Code-Projects Point of Sales and Inventory Management System is an open source point of sale and inventory management system from Code-Projects. An injection vulnerability exists in Code-Projects Point of Sales and Inventory Management System version 1.0, which originates from an SQL injection...

CVSS 6.5 · AI score 7 · EPSS 0.00414
Exploits 1 · References 5

CNNVD
added 2024/12/31 12:0 a.m. · 3 views

WordPress plugin Userpro SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVSS 8.5 · AI score 8.8 · EPSS 0.0037
Exploits 0 · References 1

CNVD
added 2024/12/30 12:0 a.m. · 2 views

Complaint Management System /admin/state.php File SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that stems from a lack of sufficient validation of the input of the state parameter in the /admin/state.php file. No details of the vulnerability are available at...

CVSS 9.8 · AI score 8.1 · EPSS 0.0053
Exploits 1 · References 1

CNVD
added 2024/12/30 12:0 a.m. · 2 views

Chat System chatroom.php File SQL Injection Vulnerability

Chat System is a chat system. Chat System suffers from an SQL injection vulnerability that stems from the file /admin/chatroom.php not adequately validating and filtering the input of the id parameter. An attacker can exploit this vulnerability to obtain sensitive information...

CVSS 8.8 · AI score 7.8 · EPSS 0.0038
Exploits 0 · References 1

Positive Technologies
added 2024/12/26 12:0 a.m. · 4 views

PT-2024-9923 · Unknown · Job Recruitment

Name of the Vulnerable Software and Affected Versions: Job Recruitment version 1.0 Description: A critical vulnerability has been found in the function fln update of the file / parse/ all edits.php. The issue is related to the lack of neutralization of special elements when processing the...

CVSS 9.8 · AI score 8.1 · EPSS 0.00599
Exploits 1 · References 13

CNNVD
added 2024/12/25 12:0 a.m. · 3 views

WordPress plugin NEX-Forms SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A SQL injection...

CVSS 4.9 · AI score 8.6 · EPSS 0.00568
Exploits 0 · References 2

Positive Technologies
added 2024/12/25 12:0 a.m. · 6 views

PT-2024-17795 · Unknown · Codezips Project Management System

Name of the Vulnerable Software and Affected Versions: Codezips Project Management System version 1.0 Description: A critical vulnerability was found in the Codezips Project Management System. It affects an unknown functionality of the file /pages/forms/advanced.php. The manipulation of the name...

CVSS 8.8 · AI score 7.2 · EPSS 0.00499
Exploits 1 · References 10

Patchstack
added 2024/12/24 12:17 a.m. · 5 views

WordPress BookingPress plugin <= 1.1.21 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated (Contributor+) SQL Injection vulnerability discovered by shaman0x01 in WordPress Plugin BookingPress versions <= 1.1.21...

CVSS 6.5 · AI score 8.1 · EPSS 0.00476
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2024/12/24 12:0 a.m. · 3 views

Redshift ODBC Driver Security Vulnerability

Redshift ODBC Driver is an open-source ODBC driver from Amazon Web Services. A security vulnerability exists in Redshift ODBC Driver version 2.1.5.0, which stems from an SQL injection vulnerability that could allow a user to gain escalated privileges via the SQLTables or SQLColumns...

CVSS 8.6 · AI score 7.9 · EPSS 0.00446
Exploits 0 · References 2

CNNVD
added 2024/12/23 12:0 a.m. · 2 views

Apache Traffic Control Security Vulnerability

Apache Traffic Control is a set of distributed, scalable content delivery solutions from the Apache Foundation (United States). The product is mainly used to build large-scale content delivery networks. Apache Traffic Control suffers from a SQL injection vulnerability that stems from a lack of...

CVSS 9.9 · AI score 9.8 · EPSS 0.41841
Exploits 0 · References 2

CNVD
added 2024/12/20 12:0 a.m. · 1 view

Beauty Parlour Management System login.php File SQL Injection Vulnerability

Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the...

CVSS 9.8 · AI score 8.1 · EPSS 0.00618
Exploits 1 · References 1

CNVD
added 2024/12/20 12:0 a.m. · 3 views

Online Class and Exam Scheduling System term.php File SQL Injection Vulnerability

Online Class and Exam Scheduling System is an online class and exam scheduling system. The Online Class and Exam Scheduling System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter id of the file /pages/term.php. ...

CVSS 8.8 · AI score 8.3 · EPSS 0.00534
Exploits 1 · References 1

OSV
added 2024/12/19 6:15 p.m. · 3 views

CVE-2024-12794

A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to sql injection. It is possible to initiate the attack remotely. The exploit...

CVSS 9.8 · AI score 5.7 · EPSS 0.00525
Exploits 1 · References 4

ATTACKERKB
added 2024/12/17 2:15 p.m. · 3 views

CVE-2024-8972

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mobil365 Informatics Saha365 App allows SQL Injection. This issue affects Saha365 App: before 30.09.2024...

CVSS 9.8 · AI score 5.8 · EPSS 0.00424
Exploits 0 · References 3

CNNVD
added 2024/12/16 12:0 a.m. · 19 views

WordPress plugin Instant Appointment SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVSS 9.3 · AI score 9.2 · EPSS 0.00513
Exploits 0 · References 1

CNNVD
added 2024/12/16 12:0 a.m. · 5 views

WordPress plugin Code Generator Pro SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVSS 9.3 · AI score 9.4 · EPSS 0.00732
Exploits 1 · References 2