CVE-2024-35356

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=saveitem. Manipulating the argument id can result in SQL injection...

WordPress WP TripAdvisor Review Slider plugin <= 12.6 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Do Truong Giang Patchstack Alliance in WordPress Plugin WP TripAdvisor Review Slider versions = 12.6...

CVE-2024-4533

The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin users to perform SQL injection attacks...

Grup Arge Energy and Control Systems SmartPower Energy Management System SQL注入漏洞

Grup Arge Energy and Control Systems SmartPower Energy Management System is a web-based system from Grup Arge Energy and Control Systems developed specifically to improve energy efficiency in organizations. A SQL injection vulnerability exists in Grup Arge Energy and Control Systems SmartPower...

Online Student Enrollment System SQL注入漏洞

Online Student Enrollment System is an online student enrollment system by Lyndon Bermoy, an individual developer. A SQL injection vulnerability exists in Online Student Enrollment System version 1.0, which can be exploited by an attacker to view, add, modify, or delete information in the back-en...

Online Student Enrollment System SQL注入漏洞

Online Student Enrollment System is an online student enrollment system by Lyndon Bermoy, an individual developer. Online Student Enrollment System version 1.0 suffers from a SQL injection vulnerability that can be exploited by an attacker to view, add, modify, or delete information in the back-e...

PT-2024-35794 · Sourcecodester · Sourcecodester Hospital Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Hospital Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown function of the file departmentDoctor.php. The manipulation of the deptid argument leads to sql...

UBUNTU-CVE-2024-5314

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters sortorder y sortfield in...

J2EEFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the SysUreportFileMapper.xml findPa...

Campcodes Complete Web-Based School Management System SQL注入漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A SQL injection vulnerability exists in the Complete Web-Based School Management System version 1.0, which stems from an incorrect manipulation of the parameter teacherid that can...

WordPress Country State City Dropdown CF7 plugin <= 2.7.2 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Krzysztof Zając in WordPress Plugin Country State City Dropdown CF7 versions = 2.7.2...

MTab Bookmark 安全漏洞

MTab Bookmark is a clean cut powerful navigation site from MTab Inc. MTab Bookmark is a simple and powerful navigation site from MTab, which allows you to quickly add your favorite websites to your bookmarks. A security vulnerability exists in MTab Bookmark version 1.9.5, which originates from a...

CVE-2024-5116

A vulnerability, which was classified as critical, has been found in SourceCodester Online Examination System 1.0. Affected by this issue is some unknown functionality of the file save.php. The manipulation of the argument vote leads to sql injection. The attack may be launched remotely. The...

CVE-2024-5115

A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/teacherprofile.php. The manipulation of the argument index leads to sql injection. The attack can be launched...

PT-2024-34532 · Campcodes · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A critical issue affects the processing of the file /view/student profile1.php, where the manipulation of the std index argument leads to SQL injection. The attack...

ZOHO ManageEngine ADAudit Plus 安全漏洞

ZOHO ManageEngine ADAudit Plus is used by ZOHO USA, Inc. to simplify auditing, demonstrate compliance and detect threats. A security vulnerability exists in ZOHO ManageEngine ADAudit Plus prior to version 7271, which stems from a vulnerability that allows SQL injection in dashboard graphical...

PT-2024-34519 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file /view/student payment details4.php. The manipulation of the index argument lead...

CVE-2024-5105

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/studentpaymentdetails.php. The manipulation of the argument index leads to sql injection. It is possible to initiate the attack...

Simple Online Bidding System SQL Injection Vulnerability

Simple Online Bidding System is an online bidding system by oretnom23 individual developer. A SQL injection vulnerability exists in Simple Online Bidding System version 1.0, which originates from /simple-online-bidding-system/index.php, which contains unknown code that leads to SQL injection via...

Simple Chat System SQL Injection Vulnerability

Simple Chat System is a simple chat system by nurhodelta17 individual developer. A SQL injection vulnerability exists in Simple Chat System version 1.0, which stems from an incorrect manipulation of the parameters email/password that can lead to SQL injection...