HubBank SQL注入漏洞

HubBank is an application from HubBank, Inc. A security vulnerability exists in HubBank version 1.0.2, which stems from a SQL injection vulnerability in the /admin/viewusers.php endpoint...

PT-2024-30030 · Bluenet Technology · Bluenet Technology Clinical Browsing System

Name of the Vulnerable Software and Affected Versions: BlueNet Technology Clinical Browsing System version 1.2.1 Description: A critical issue has been found, affecting an unknown part of the file /xds/deleteStudy.php. The manipulation of the documentUniqueId argument leads to SQL injection. It i...

F-logic DataCube3 安全漏洞

F-logic DataCube3 is a small measurement terminal system from F-logic Japan. A security vulnerability exists in F-logic DataCube3 version v.1.0, which stems from a SQL injection vulnerability in the reqid parameter...

PT-2024-3094 · Solarwinds · Solarwinds Platform

Name of the Vulnerable Software and Affected Versions: SolarWinds Platform affected versions not specified Description: A vulnerability was identified in the user interface of the SolarWinds Platform, related to a SWQL injection issue. This vulnerability requires authentication and user interacti...

CVE-2024-28558

SQL Injection vulnerability in sourcecodester Petrol pump management software v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin/app/webcrud.php...

Macrob7 Macs Framework Cms 安全漏洞

Macrob7 Macs Framework Cms is an open source Cms framework by the individual developer Macdonald Terrence Robinson. A security vulnerability exists in Macrob7 Macs CMS version 1.1.4f and earlier, which stems from the presence of a SQL injection vulnerability that could allow a remote attacker to...

PHPGurukul Small CRM SQL注入漏洞

Small CRM is a customer relationship management system. A SQL injection vulnerability exists in Small CRM, which stems from a lack of validation of externally-entered SQL statements in the change password handler. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...

Desdev DedeCMS SQL注入漏洞

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open source content management system CMS from China's Zhuozhuo Network Desdev. The system features content publishing, content management, content editing and content retrieval. DedeCMS 5.7.112-UTF8 has a SQL injection...

WordPress Advanced Page Visit Counter plugin <= 8.0.6 - Auth. SQL Injection (SQLi) vulnerability

Auth. SQL Injection SQLi vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Advanced Page Visit Counter versions = 8.0.6...

Advocate Office Management System SQL注入漏洞

Advocate Office Management System is an office management system by the individual developer mayurik. A SQL injection vulnerability exists in Advocate Office Management System version 1.0, which originates from a SQL injection vulnerability in the file /control/adds.php...

Church Management System 安全漏洞

Church Management System is a church management system. A security vulnerability exists in version 1.0 of the Church Management System, which stems from an SQL injection vulnerability in the Gender parameter of the /admin/addsundaysch.php file...

Church Management System SQL注入漏洞

Church Management System is a church management system. A SQL injection vulnerability exists in version 1.0 of the Church Management System, which is caused by a SQL injection vulnerability in the password parameter of the login.php file...

PT-2024-24000 · Solwin Infotech · Solwin Infotech User Activity Log

Name of the Vulnerable Software and Affected Versions: Solwin Infotech User Activity Log versions 1.8 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation b...

CVE-2024-31507

Sourcecodester Online Graduate Tracer System v1.0 is vulnerable to SQL Injection via the "request" parameter in admin/fetchgendercs.php...

CVE-2024-3458

A vulnerability classified as critical was found in Netentsec NS-ASG Application Security Gateway 6.3. This vulnerability affects unknown code of the file /admin/addikev2.php. The manipulation of the argument TunnelId leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2024-31260

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WisdmLabs Edwiser Bridge.This issue affects Edwiser Bridge: from n/a through 3.0.2...

Online Courseware SQL注入漏洞

DPEC Online Courseware is an online courseware system from DPEC Corporation. A SQL injection vulnerability exists in version 1.0 of Online Courseware, which originates from a SQL injection attack in the contact parameter of the admin/saveditt.php file...

Online Library System SQL注入漏洞

Online Library System is an open source online library system. A SQL injection vulnerability exists in SourceCodester Online Library System version 1.0, which is caused by a SQL injection vulnerability in the IBSN parameter of the admin/books/controller.php file...

SourceCodester Aplaya Beach Resort Online Reservation System SQL注入漏洞

Aplaya Beach Resort Online Reservation System is the online room reservation system for Aplaya Beach Resort. SourceCodester Aplaya Beach Resort Online Reservation System version 1.0 has a SQL injection vulnerability that originates from an SQL injection in the id parameter of the...

CVE-2024-3314

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php. The manipulation leads to sql injection. The attack may be initiated remotely. The identifier VDB-259385 was...