
2786 matches found

CNNVD
added 2023/10/27 12:0 a.m. · 4 views

Projectworlds Leave Management System Project SQL Injection Vulnerability

Projectworlds Leave Management System Project is a leave management system project by Projectworlds India. Projectworlds Leave Management System Project v1.0 suffers from an SQL injection vulnerability that originates in the parameter setcasualleave in the file admin/setleaves.php...

CVSS 8.8 · AI score 8 · EPSS 0.00647
Exploits: 1 · References: 3

Positive Technologies
added 2023/10/27 12:0 a.m. · 5 views

PT-2023-32347 · Unknown · Sourcecodester Task Reminder System

Name of the Vulnerable Software and Affected Versions: SourceCodester Task Reminder System version 1.0
Description: A critical issue was found, affecting some unknown functionality of the file /classes/Master.php?f=delete reminder. The manipulation of the id argument leads to SQL injection. This...

CVSS 8.8 · AI score 7.1 · EPSS 0.00444
Exploits: 0 · References: 3

OSV
added 2023/10/26 1:15 p.m. · 2 views

CVE-2023-5781

A vulnerability, which was classified as critical, has been found in Tongda OA 2017 11.10. This issue affects the function DELETESTR of the file general/system/resmanage/monitor/deletewebmail.php. The manipulation leads to SQL injection. The attack may be initiated remotely. The exploit has been...

CVSS 9.8 · AI score 5.5
Exploits: 0 · References: 3

OSV
added 2023/10/25 6:17 p.m. · 1 view

CVE-2023-27255

Unauthenticated SQL injection in the DeleteRoomChanges method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...

CVSS 9.1 · AI score 5.8 · EPSS 0.00759
Exploits: 0 · References: 1

OSV
added 2023/10/25 6:17 p.m. · 3 views

CVE-2023-26583

Unauthenticated SQL injection in the GetCurrentPeriod method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...

CVSS 9.1 · AI score 5.8 · EPSS 0.00556
Exploits: 0 · References: 1

CNNVD
added 2023/10/25 12:0 a.m. · 5 views

Nipah virus Testing Management System SQL Injection Vulnerability

Nipah virus Testing Management System is an online virus diagnostic platform. A security vulnerability exists in version v.1.0 of the PHPGurukul Nipah Virus Testing Management System, which stems from the presence of a SQL injection vulnerability that allows remote attackers to escalate privilege...

CVSS 9.8 · AI score 8.1 · EPSS 0.00738
Exploits: 1 · References: 2

CNNVD
added 2023/10/25 12:0 a.m. · 3 views

IDAttend IDWeb SQL Injection Vulnerability

IDAttend IDWeb is a web-based module from IDAttend, Inc. A security vulnerability exists in IDAttend IDWeb version 3.1.052 and prior versions that stems from an unauthenticated SQL injection in the GetStudentGroupStudents method...

CVSS 9.8 · AI score 8 · EPSS 0.00759
Exploits: 0 · References: 2

BDU FSTEC
added 2023/10/25 12:0 a.m. · 3 views

A vulnerability in the /importexport.php file of the D-Link DAR-7000 router firmware allows an attacker to execute arbitrary SQL code.

The vulnerability in the /importexport.php file of the D-Link DAR-7000 router firmware is caused by a failure to protect the structure of the SQL query. Exploiting it allows a remote attacker to execute arbitrary SQL code...

CVSS 10 · AI score 8.2 · EPSS 0.13279
Exploits: 1 · References: 2 · Affected Software: 1

ATTACKERKB
added 2023/10/17 6:15 a.m. · 2 views

CVE-2023-44694

D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /log/mailrecvview.php...

CVSS 9.8 · AI score 6 · EPSS 0.00687
Exploits: 1 · References: 2

ATTACKERKB
added 2023/10/12 11:15 p.m. · 6 views

CVE-2023-41262

An issue was discovered in /fcgi/scrutfcgi.fcgi in Plixer Scrutinizer before 19.3.1. The csvExportReport endpoint action generateCSV is vulnerable to SQL injection through the sorting parameter, allowing an unauthenticated user to execute arbitrary SQL statements in the context of the application...

CVSS 9.8 · AI score 7.7 · EPSS 0.00699
Exploits: 1 · References: 2

ATTACKERKB
added 2023/10/12 12:15 p.m. · 1 view

CVE-2023-5046

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Biltay Technology Procost allows SQL Injection, Command Line Execution through SQL Injection. This issue affects Procost: before 1390...

CVSS 9.8 · AI score 7.4 · EPSS 0.00646
Exploits: 0 · References: 3

ATTACKERKB
added 2023/10/12 12:15 p.m. · 0 views

CVE-2023-5045

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Biltay Technology Kayisi allows SQL Injection, Command Line Execution through SQL Injection. This issue affects Kayisi: before 1286...

CVSS 9.8 · AI score 7.4 · EPSS 0.00646
Exploits: 0 · References: 3

CNNVD
added 2023/10/10 12:0 a.m. · 3 views

Election Services SQL Injection Vulnerability

Election Services is an application from Election Services, Inc. Election Services Internet Election Service suffers from a security vulnerability that stems from susceptibility to SQL injection attacks, allowing an unauthenticated, remote attacker to read or modify data for any election that...

CVSS 10 · AI score 7.8 · EPSS 0.01051
Exploits: 0 · References: 4

CNNVD
added 2023/10/05 12:0 a.m. · 3 views

PrestaShop SQL Injection Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts, and product image scaling. A security vulnerability exists in PrestaShop, which stems from a SQL injection vulnerability in the disablejson.php...

CVSS 9.8 · AI score 8 · EPSS 0.00504
Exploits: 0 · References: 2

CNNVD
added 2023/10/05 12:0 a.m. · 6 views

PrestaShop SQL Injection Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, SMS alerts and product image zoom. A security vulnerability exists in PrestaShop due to an SQL injection vulnerability in the supercheckout.php component of...

CVSS 9.8 · AI score 7.8 · EPSS 0.00787
Exploits: 0 · References: 2

CNNVD
added 2023/10/03 12:0 a.m. · 4 views

PrestaShop SQL Injection Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts and product image scaling. PrestaShop suffers from an SQL injection vulnerability that originates from improper neutralization of SQL parameters ...

CVSS 9.8 · AI score 8.1 · EPSS 0.00535
Exploits: 0 · References: 2

CNNVD
added 2023/10/03 12:0 a.m. · 4 views

PrestaShop SQL Injection Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts, and product image scaling. PrestaShop suffers from an SQL injection vulnerability that originates from improper neutralization of SQL parameters...

CVSS 9.8 · AI score 8.1 · EPSS 0.00535
Exploits: 0 · References: 2

CNNVD
added 2023/10/02 12:0 a.m. · 3 views

PrestaShop SQL Injection Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts and product image scaling. PrestaShop suffers from a SQL injection vulnerability that originates from the disablejson.php component of the Change...

CVSS 9.8 · AI score 8 · EPSS 0.00518
Exploits: 0 · References: 3

Positive Technologies
added 2023/09/30 12:0 a.m. · 3 views

PT-2023-9164 · Unknown +1 · Prestashop +1

Name of the Vulnerable Software and Affected Versions: PrestaShop Buy Addons baproductzoommagnifier module versions 1.0.16 and before
Description: The issue is related to a lack of protection against SQL structure attacks in the BaproductzoommagnifierZoomModuleFrontController::run method of the...

CVSS 10 · AI score 9.8 · EPSS 0.00748
Exploits: 1 · References: 4

CNNVD
added 2023/09/29 12:0 a.m. · 3 views

TONGDA Office Anywhere SQL Injection Vulnerability

TONGDA Office Anywhere is a collaborative office OA system. TONGDA Office Anywhere 2017 suffers from a SQL injection vulnerability that stems from the fact that incorrect operation of the parameter RECRUITMENTID can lead to SQL injection...

CVSS 7.5 · AI score 8 · EPSS 0.00624
Exploits: 1 · References: 4