2793 matches found
PT-2024-29316 · Unknown · Kashipara Responsive School Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Responsive School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the username parameter in the /smsa/student login.php endpoint. This can lead to data theft...
CVE-2024-7373
A vulnerability classified as critical has been found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=loadanswered. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit...
Horizon Business Services Caterease security vulnerability
Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from improper neutralization of...
WordPress Salon Booking System plugin <= 10.7 - Authenticated SQL Injection vulnerability
Authenticated SQL Injection vulnerability discovered by justakazh (Patchstack Alliance) in WordPress Plugin Salon booking system versions <= 10.7...
SourceCodester Tracking Monitoring Management System SQL injection vulnerability
SourceCodester Tracking Monitoring Management System is a monitoring management system from SourceCodester Inc. A SQL injection vulnerability exists in SourceCodester Tracking Monitoring Management System version 1.0, which is caused by an SQL injection vulnerability in the id parameter of the...
SourceCodester Simple Realtime Quiz System SQL injection vulnerability
SourceCodester Simple Realtime Quiz System is a real-time quiz system from SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester Simple Realtime Quiz System version 1.0, which stems from an SQL injection vulnerability in the username parameter of the Login component in the...
SourceCodester Simple Realtime Quiz System security vulnerability
SourceCodester Simple Realtime Quiz System is a real-time quiz system from SourceCodester, Inc. A security vulnerability exists in version 1.0 of the SourceCodester Simple Realtime Quiz System, which stems from an SQL injection vulnerability in the id parameter of the /managequiz.php file...
CVE-2024-7320
A vulnerability classified as critical has been found in itsourcecode Online Blood Bank Management System 1.0. This affects an unknown part of the file /admin/index.php of the component Admin Login. The manipulation of the argument user leads to sql injection. It is possible to initiate the attac...
Xinhu RockOA SQL injection vulnerability
Xinhu RockOA is an office OA system from the Chinese company Xinhu. A SQL injection vulnerability exists in Xinhu RockOA version 2.6.2, which originates from the parameter nickName in the function dataAction of /webmain/task/openapi/openmodhetongAction.php, which can lead to SQL injection...
CVE-2024-41915
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit this vulnerability to obtain and modify sensitive information in...
PT-2024-38179
Name of the Vulnerable Software and Affected Versions: SourceCodester School Log Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown function of the file /admin/ajax.php?action=login. The manipulation of the username argument leads to SQL...
Xibo CMS SQL injection vulnerability
Xibo CMS is an open source content management system from Xibo Digital Signage. Xibo CMS has a SQL injection vulnerability that originates from a SQL injection vulnerability in the API routing, which allows an attacker to obtain and modify arbitrary data in the Xibo database by injecting a...
CVE-2024-37858
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/managecategory.php...
CVE-2024-7191
A vulnerability, which was classified as critical, has been found in itsourcecode Society Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/getbalance.php. The manipulation of the argument studentid leads to sql injection. The attack may be launched...
PT-2024-38163 · Simopro Technology · Winmatrix3 Web Package
Name of the Vulnerable Software and Affected Versions: WinMatrix3 Web package from Simopro Technology affected versions not specified Description: The issue concerns the login functionality, which lacks proper validation of user input. This allows unauthenticated remote attackers to inject SQL...
Online-Payroll-Management-System SQL injection vulnerability
Online-Payroll-Management-System is an online payroll management system by the individual developer MD MAFUJUL HASAN. A SQL injection vulnerability exists in Online-Payroll-Management-System version 20230911 and prior versions, which stems from an incorrect manipulation of the parameter id that c...
Tianchoy Blog SQL injection vulnerability
Tianchoy Blog is a blog site by the individual developer Tianchoy. A SQL injection vulnerability exists in Tianchoy Blog version 1.8.8 and earlier versions, which stems from incorrect handling of the search parameter that can lead to SQL injection...
PT-2024-38059 · Sourcecodester · Sourcecodester Employee/Visitor Gate Pass Logging System
Name of the Vulnerable Software and Affected Versions: SourceCodester Employee and Visitor Gate Pass Logging System version 1.0 Description: A critical issue has been found in the processing of the file /employee gatepass/classes/Master.php?f=delete department, where the manipulation of the id...
PT-2024-37996 · Unknown · Itsourcecode University Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode University Management System version 1.0 Description: A critical issue has been found in the itsourcecode University Management System. This issue affects the Login component, specifically the file functions.php. The manipulation...
PT-2024-5175 · Unknown · Tailoring Management System
Name of the Vulnerable Software and Affected Versions: Tailoring Management System version 1.0 Description: The issue is related to a lack of protection against SQL query structure exploitation in the templateadd.php file. This allows a remote attacker to execute arbitrary SQL code, gain...