PT-2024-38947 · Sweetcms · Sweetcms

Name of the Vulnerable Software and Affected Versions: master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f Description: A critical issue affects the unknown code of the file /table/index, leading to sql injection. The attack can be initiated remotely. This issue is declared as...

CVE-2024-39653

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E4J s.R.L. VikRentCar allows SQL Injection.This issue affects VikRentCar: from n/a through 1.4.0...

WordPress plugin TI WooCommerce Wishlist SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

WordPress plugin Easy Digital Downloads SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

SeaCMS 安全漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS v12.9, which stems from a SQL injection vulnerability in the parameter key of...

ZOHO ManageEngine ADAudit Plus 安全漏洞

ZOHO ManageEngine ADAudit Plus is ZOHO's solution for simplifying audits, proving compliance and detecting threats. A SQL injection vulnerability exists in ZOHO ManageEngine ADAudit Plus prior to version 8121, which can be exploited by an attacker to execute custom queries and access database tab...

PT-2024-36592 · Zohocorp · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8121 Description: The issue concerns an authenticated SQL injection vulnerability in the extranet lockouts report option. This vulnerability can be exploited by authenticated users, potentiall...

Payroll Management System SQL注入漏洞

Payroll Management System is itsourcecode open source payroll management system. Payroll Management System version 1.0 has a SQL injection vulnerability , the vulnerability stems from the login.php file username parameter has a SQL injection vulnerability...

School-Management-System 安全漏洞

School-Management-System is a school management system by the individual developer Jyothi Babu Araja. A security vulnerability exists in School-Management-System due to an SQL injection vulnerability in the medium parameter of the paidclass.php page...

Han ERP 安全漏洞

Han ERP is an ERP import/export system developed by Han Individual Developer. A security vulnerability exists in the ERP that originates from the /index.php/basedata/contact/delete?action=delete location that contains a SQL injection vulnerability...

WordPress plugin tagDiv Opt-In Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

code-projects Job Portal 安全漏洞

Code-Projects Job Portal is Code-Projects open source PHP-based job search website system. A security vulnerability exists in code-projects Job Portal version 1.0, which is caused by an SQL injection vulnerability in the email parameter of the logindbc.php page...

Simple Online Bidding System SQL注入漏洞

Simple Online Bidding System is an online bidding system by oretnom23 individual developer. A SQL injection vulnerability exists in Simple Online Bidding System version 1.0, which stems from an incorrect manipulation of the parameter username that can lead to sql injection...

CVE-2024-7750

A vulnerability has been found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /medicines.php. The manipulation of the argument medicinename leads to sql injection. The attack can be launche...

DEBIAN-CVE-2023-41884

ZoneMinder is a free, open source Closed-circuit television software application. In WWW/AJAX/watch.php, Line: 51 takes a few parameter in sql query without sanitizing it which makes it vulnerable to sql injection. This vulnerability is fixed in 1.36.34...

ZOHO ManageEngine ADAudit Plus 安全漏洞

ZOHO ManageEngine ADAudit Plus is used by ZOHO to simplify auditing, demonstrate compliance and detect threats. A security vulnerability exists in ZOHO ManageEngine ADAudit Plus version 8110 and prior versions, which stems from vulnerability to authenticated SQL injection attacks in a file audit...

PT-2024-38475 · Sourcecodester · Sourcecodester Leads Manager Tool

Name of the Vulnerable Software and Affected Versions: SourceCodester Leads Manager Tool version 1.0 Description: A critical issue was found in the Delete Leads Handler component, specifically in the file /endpoint/delete-leads.php. The leads argument is vulnerable to SQL injection, which can be...

PT-2024-29316 · Unknown · Kashipara Responsive School Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Responsive School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the username parameter in the /smsa/student login.php endpoint. This can lead to data theft...

CVE-2024-7373

A vulnerability classified as critical has been found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=loadanswered. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit...

Horizon Business Services Caterease 安全漏洞

Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from improper neutralization of...