DingFlow 安全漏洞

DingFlow is DingFlow open source is committed to helping small and medium-sized intelligent office system. DingFlow v.2.0.0 version of a security vulnerability , the vulnerability stems from the system/role/list interface of the dataScope parameter SQL injection vulnerability...

Autoexpress 安全漏洞

AutoExpress is a car dealership application for car dealers and car buyers by Raymart DG Individual Developer. A security vulnerability exists in Autoexpress version 1.3.0, which stems from the presence of a SQL injection vulnerability that could allow an unauthenticated, remote attacker to execu...

Abast SCAN_VISIO eDocument Suite Web Viewer 安全漏洞

Abast SCANVISIO eDocument Suite Web Viewer is a document viewer from Abast. A security vulnerability exists in Abast SCANVISIO eDocument Suite Web Viewer, which originates from an SQL injection vulnerability in the user parameter of the landing page. An unauthenticated attacker could use this...

Sentrifugo SQL注入漏洞

Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from a lack of validation of...

Campcodes Complete Online DJ Booking System SQL注入漏洞

Campcodes Complete Online DJ Booking System is an online DJ booking system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Complete Online DJ Booking System, which originates from a SQL injection vulnerability in the searchdata parameter of the...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics, Taiwan, China, for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and...

CVE-2024-2675

A vulnerability, which was classified as critical, has been found in Campcodes Online Job Finder System 1.0. This issue affects some unknown processing of the file /admin/company/index.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The explo...

Campcodes Online Job Finder System SQL Injection Vulnerability

Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from a SQL injection vulnerability in the id parameter of the /admin/employee/index.php file...

Fujian Kelixin Command and Dispatch Platform SQL Injection Vulnerability

Fujian Kelixin Command and Dispatch Platform is a command and dispatch platform from Fujian Kelixin Company. A SQL injection vulnerability exists in Fujian Kelixin Command and Dispatch Platform version 20240318 and earlier versions, which originates from an unknown function in...

Fujian Kelixin Command and Dispatch Platform SQL Injection Vulnerability

Fujian Kelixin Command and Dispatch Platform is a command and dispatch platform of Fujian Kelixin Company. A SQL injection vulnerability exists in Fujian Kelixin Command and Dispatch Platform version 20240318 and earlier versions, which originates from an unknown function in...

AMSS++ SQL Injection Vulnerability

AMSS++ is a tool for office management support systems from Amssplus. An SQL injection vulnerability exists in AMSS++ version 4.31, which originates from an SQL injection vulnerability in the personid parameter of the /amssplus/modules/person/picshow.php page...

CVE-2024-2532

A vulnerability classified as critical was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/update-users.php. The manipulation of the argument id leads to sql injection. The attack can be launched...

Online-College-Event-Hall-Reservation-System Security Vulnerability

Online-College-Event-Hall-Reservation-System is an online college event hall reservation system by Magesh K individual developer. Designed to automate the hall booking process to eliminate manual logging and increase efficiency. A security vulnerability exists in...

CVE-2023-41504

SQL Injection vulnerability in Student Enrollment In PHP 1.0 allows attackers to run arbitrary code via the Student Search function...

Hotel Booking Management Security Breach

Hotel Booking Management is a database web application for hotel booking management by Pratham Personal Developer. A security vulnerability exists in Hotel Booking Management v1.0, which was discovered to contain an SQL injection vulnerability through the npss parameter in rooms.php...

PT-2024-18933 · Sourcecodester · Sourcecodester Online Mobile Management Store

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Mobile Management Store version 1.0 Description: A critical issue has been found in the software, affecting some unknown functionality of the file /admin/product/manage product.php. The manipulation of the id argument...

Petrol Pump Management Software SQL Injection Vulnerability

Petrol Pump Management Software is a gasoline pump management software by mayurik individual developer. A SQL injection vulnerability exists in Petrol Pump Management Software version 1.0, which stems from an SQL injection issue in the /admin/editsupplier.php file...

CVE-2024-1928

A vulnerability, which was classified as critical, has been found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit-admin.php of the component Edit User Profile Page. The manipulation of the argument Fullname lea...

CVE-2024-1927

A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file /Admin/login.php. The manipulation of the argument txtpassword leads to sql injection. The attack can be launched...

CVE-2023-7110

A vulnerability, which was classified as critical, has been found in code-projects Library Management System 2.0. This issue affects some unknown processing of the file login.php. The manipulation of the argument student leads to sql injection. The attack may be initiated remotely. The exploit ha...