CVE-2024-4915

A vulnerability, which was classified as critical, was found in Campcodes Online Examination System 1.0. Affected is an unknown function of the file result.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

Cloud customer service management platform 安全漏洞

Cloud customer service management platform is an application. A security vulnerability exists in Cloud customer service management platform, which originates from the presence of a SQL injection vulnerability that could allow a local attacker to execute arbitrary code via a crafted payload...

Visitor Management System 安全漏洞

Visitor Management System is a visitor management system. A security vulnerability exists in SourceCodester Visitor Management System version 1.0, which originates from a SQL injection vulnerability that allows an attacker to execute arbitrary SQL commands via the id parameter...

Human Resource Management System 安全漏洞

Human Resource Management System is a human resource management system by maverickosama Personal Developer. A security vulnerability exists in Sourcecodester Human Resource Management System version 1.0, which stems from vulnerability to SQL injection attacks...

RuvarOA 安全漏洞

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by a lack of validation of external SQL statements in the /WorkFlow/OfficeFileUpdate.aspx file. An attacker can exploit this vulnerability to execute illegal SQ...

PT-2024-20977 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the sys file storage id parameter at the "/WorkFlow/wf work finish file down.aspx" API endpoint...

F5 BIG-IP SQL注入漏洞

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A SQL injection vulnerability exists in F5 BIG-IP Next Central Manager, which can be exploited by an attacker to send crafted...

J2EEFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version exists SQL injection vulnerability , the vulnerability stems from the authRoleList function in the...

J2EEFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the list function of the sqlfilter...

CVE-2024-33411

A SQL injection vulnerability in /model/getadminprofile.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the myindex parameter...

Roothub 安全漏洞

Roothub is a forum system developed using SSM and MySQL. A security vulnerability exists in Roothub v2.6, which was discovered to contain an SQL injection vulnerability via the "s" parameter in the search function...

CVE-2023-44450

NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to explo...

CVE-2023-44450

NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to explo...

CVE-2023-38099

NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required...

Voltronic Power ViewPower 安全漏洞

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower Pro suffers from a SQL injection vulnerability that is caused by failing to properly validate a user-supplied string before constructing a SQL query using it. An attack...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics, Taiwan, China. Delta Electronics DIAEnergie GetDIACloudList suffers from a SQL injection vulnerability that can be exploited by an attacker to view, add, modify, or delete information in the back-end...

Kliqqi 安全漏洞

Kliqqi is a Content Management System CMS. A security vulnerability exists in Kliqqi-CMS version 2.0.2, which originates from a SQL injection vulnerability in the file loaddata.php...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics Taiwan, China used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximiz...

PT-2024-25656 · Delta Electronics · Diaenergie

Name of the Vulnerable Software and Affected Versions: Delta Electronics DIAEnergie affected versions not specified Description: The issue is an SQL injection vulnerability that exists in the script Handler CFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the...

CVE-2024-33911

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4...