2790 matches found
ZTE MF286R SQL Injection Vulnerability
The ZTE MF286R is a wireless router from ZTE Corporation (ZTE) of China. A security vulnerability exists in the ZTE MF286R that stems from the presence of a SQL injection vulnerability...
CVE-2023-6765
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function prepare of the file emailsetup.php. The manipulation of the argument name leads to SQL injection. The exploit has been disclosed to the public a...
OTCMS SQL Injection Vulnerability
OTCMS Nettie CMS is an article-based web content management system (CMS). A SQL injection vulnerability exists in OTCMS version 7.01, which originates from the parameter sqlContent in the file /admin/indbackstage.php and can lead to SQL injection...
ProLion CryptoSpike Security Vulnerability
ProLion CryptoSpike is ProLion's solution for detecting and combating suspicious activity. A security vulnerability exists in ProLion CryptoSpike version 3.0.15P2 that stems from SQL injection when a user searches a REST API endpoint...
CVE-2023-6647
A vulnerability, which was classified as critical, has been found in AMTT HiBOS 1.0. Affected by this issue is some unknown functionality. The manipulation of the argument Type leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be use...
CVE-2023-6464
A vulnerability was found in SourceCodester User Registration and Login System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/add-user.php. The manipulation of the argument user leads to SQL injection. The attack may be launched remotely...
PT-2023-32225
Name of the Vulnerable Software and Affected Versions: ArslanSoft Education Portal versions prior to 1.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
VulnCheck KEV: CVE-2022-0826
The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users...
Nipah Virus Testing Management System Security Vulnerability
Nipah Virus Testing Management System is an online virus diagnostic platform. A security vulnerability exists in version 1.0 of the PHPGurukul Nipah Virus Testing Management System, which stems from an incorrect manipulation of the parameter empid that can lead to SQL injection...
CVE-2023-40056
SQL Injection Remote Code Vulnerability was found in the SolarWinds Platform. This vulnerability can be exploited with a low privileged account...
Free and Open Source Inventory Management System SQL Injection Vulnerability
Inventory Management System is an inventory management system by stemword individual developers. A SQL injection vulnerability exists in Free and Open Source Inventory Management System version 1.0, which stems from an incorrect manipulation of the columns parameter that can lead to SQL injection...
PT-2023-32611 · Sourcecodester · Sourcecodester Loan Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Loan Management System version 1.0 Description: A critical issue affects the function delete ltype of the file delete ltype.php in the Loan Type Page component. The manipulation of the ltype id argument leads to SQL injection...
meshery SQL Injection Vulnerability
meshery is a software application: a multi-service grid management plane that provides lifecycle, configuration and performance management of service grids and their workloads. An SQL injection vulnerability exists in meshery versions prior to 0.6.179, which stems from the presence of a SQL...
PrestaShop Security Breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts, and product image zoom and other features. A security vulnerability exists in PrestaShop Product Catalog CSV, Excel, XML Export PRO 5.0.0 and...
CVE-2023-46581
SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary code via the name, uname and email parameters in the registration.php component...
Inventory Management System SQL Injection Vulnerability
Inventory Management System is an inventory management system by the individual developer of stemword. A SQL injection vulnerability exists in Inventory Management System version V1.0, which originates from a vulnerability that allows local attackers to execute arbitrary SQL commands via the id...
PT-2023-6916 · Tongda Oa · Tongda Oa
Name of the Vulnerable Software and Affected Versions: Tongda OA versions up to 11.9 Description: A critical issue was found in Tongda OA, affecting some unknown functionality of the file general/vehicle/checkup/delete.php. The manipulation of the VU ID argument leads to SQL injection...
CVE-2023-41285
A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.4 and later...
Tongda OA 2017 Security Breach
Tongda2000 is a network intelligent office system from Tongda of China. A security vulnerability exists in Tongda OA 2017 11.9 and earlier versions, which originates from a SQL injection vulnerability in the parameter TERMIDSTR in the file general/wiki/cp/manage/lock.php...
CVE-2023-46785
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the partnerpreference.php resource does not validate the characters received and they are sent unfiltered to the database...