2793 matches found
Grand Vice info Webopac SQL Injection Vulnerability
Grand Vice info Webopac is an online public access catalog from China Xinxueying Info Grand Vice info. It is used for users to use library services through the Internet. A SQL injection vulnerability exists in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3, whic...
Job Recruitment Security Vulnerability
Job Recruitment by code-projects is a job portal project developed using PHP, CSS, JavaScript, and MySQL technologies. A security vulnerability exists in Job Recruitment version 1.0, which originates from an SQL injection vulnerability in the ehash parameter of the /activation.php page...
PT-2024-34973 · Unknown · Richteam Share Buttons – Social Media
Name of the Vulnerable Software and Affected Versions: Richteam Share Buttons – Social Media versions 1.0.2 and earlier Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection', which allows Blind SQL Injection. This...
CVE-2024-10987
A vulnerability was found in code-projects E-Health Care System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Doctor/userappointment.php. The manipulation of the argument scheduleid/scheduledate/scheduleday/starttime/endtime/booking...
PT-2024-34496 · Sourcecodester · Sourcecodester Loan Management System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Cab Management System version 1.0 Description: A SQL injection issue in manage client.php and view cab.php allows remote attackers to execute arbitrary SQL commands via the id parameter, leading to unauthorized access and...
Codezips Hospital Appointment System Injection Vulnerability
Codezips Hospital Appointment System is an open source hospital appointment system from Codezips. An injection vulnerability exists in Codezips Hospital Appointment System version 1.0, which stems from the parameter ID of the file /editBranchResult.php that can cause SQL injection...
Cisco Nexus Dashboard Fabric Controller SQL Injection Vulnerability
The Cisco Nexus Dashboard Fabric Controller is a cloud and data center network management software controller that simplifies the operation and management of data center networks. The Cisco Nexus Dashboard Fabric Controller suffers from a SQL injection vulnerability that can be exploited by remot...
Portábilis i-Educar SQL Injection Vulnerability
Portábilis i-Educar is an application from Portábilis. It can easily help you with basic and technical education. A SQL injection vulnerability exists in Portábilis i-Educar version 2.8.0, which stems from improper parameter cleanup and is susceptible to SQL injection attacks...
A vulnerability exists in the web/ajax/event.php module of the ZoneMinder video surveillance software, which allows an intruder to execute arbitrary code.
The vulnerability in the web/ajax/event.php module of the ZoneMinder video surveillance software lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting a specially crafted SQL query...
Code-Projects E-Health Care System Security Vulnerability
Code-Projects E-Health Care System is a Code-Projects open source e-health care system. A security vulnerability exists in Code-Projects E-Health Care System version 1.0, which stems from an SQL injection in the parameter id...
ZOHO ManageEngine ADManager Plus Security Vulnerability
ZOHO ManageEngine ADManager Plus is a suite of Microsoft Active Directory management software from ZOHO, Inc. designed for enterprise users using Windows domains. The software assists AD administrators and helpdesk technicians with day-to-day administrative tasks, such as batch management of user...
PT-2024-16501 · Unknown · Itsourcecode Farm Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Farm Management System version 1.0 Description: A critical issue was discovered in the itsourcecode Farm Management System. The vulnerability affects an unknown functionality of the file manage-breed.php. The manipulation of the...
ESAFENET CDG SQL Injection Vulnerability
EsafeNet CDG is a document security management system from EsafeNet. A SQL injection vulnerability exists in ESAFENET CDG v5, which originates from the parameter id of the file /com/esafenet/servlet/system/SystemEncryptPolicyService.java that can lead to SQL injection...
WordPress SIP Reviews Shortcode for WooCommerce plugin <= 1.2.3 - Authenticated (Contributor+) SQL Injection vulnerability
Authenticated Contributor+ SQL Injection vulnerability discovered by WordFence in WordPress Plugin SIP Reviews Shortcode for WooCommerce versions <= 1.2.3...
CVE-2024-10561
A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file birdsupdate.php. The manipulation of the argument id leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been...
PT-2024-34508 · Unknown · Projectworlds Online Admission System
Name of the Vulnerable Software and Affected Versions: Projectworlds Online Admission System version v1 Description: The issue is related to SQL Injection in the index.php file via the a id parameter. This allows for potential exploitation. No information is provided about the estimated number of...
EsafeNet CDG SQL Injection Vulnerability
EsafeNet CDG is a document security management system from EsafeNet. A SQL injection vulnerability exists in EsafeNet CDG, which stems from an incorrect manipulation of the parameter fileId that can lead to SQL injection...
ZoneMinder SQL Injection Vulnerability
ZoneMinder is an open source video surveillance software system from ZoneMinder Open Source. The system supports IP, USB, and analog cameras, among others. A SQL injection vulnerability exists in ZoneMinder 1.37.64 and previous versions 1.37.X. The vulnerability stems from web/ajax/event.php bein...
PT-2024-38931
Name of the Vulnerable Software and Affected Versions: langchain-ai/langchain version 0.2.5 langchain-ai/langchain-community version 0.2.5 Description: A vulnerability in the GraphCypherQAChain class allows for SQL injection through prompt injection, leading to unauthorized data manipulation, dat...
PT-2024-33123 · Mrbs · Mrbs
Name of the Vulnerable Software and Affected Versions: MRBS version 1.5.0 Description: The issue is related to an SQL injection vulnerability found in the edit entry handler.php file, specifically affecting the rooms%5B%5D parameter. Recommendations: For MRBS version 1.5.0, avoid using the...