ECShop SQL Injection Vulnerability
ShopeX ECShop is an open source online store system from the Chinese company ShopeX. It supports PC, H5, app and mini-program storefronts, offers free source code download, and is suitable for enterprises developing and building online stores. ECShop version 4.1.1 has a SQL injection vulnerability ...
Tongda OA SQL Injection Vulnerability
Tongda2000 is a web-based intelligent office system from Tongda, China. Tongda OA 2017 suffers from a SQL injection vulnerability that stems from improper handling of the parameter EXPERTID, which can lead to SQL injection...
SourceCodester Best Courier Management System SQL Injection Vulnerability
Best Courier Management System is a courier management system by the individual developer Mayuri K. SourceCodester Best Courier Management System version 1.0 suffers from a SQL injection vulnerability that stems from the parameter id in the file viewparcel.php, which can lead to SQL injection...
Toll Tax Management System SQL Injection Vulnerability
Toll Tax Management System is a toll tax management system from the individual developer Carlo Montero. A security vulnerability exists in SourceCodester Toll Tax Management System v1 that stems from susceptibility to SQL injection attacks...
SiberianCMS SQL Injection Vulnerability
Siberian is an open source CMS from Siberian. A SQL injection vulnerability exists in SiberianCMS. No information about this vulnerability is available at this time; please stay tuned to CNNVD or vendor announcements...
WS_FTP Server SQL Injection Vulnerability
Progress Software WS_FTP Server is an effective and highly manageable FTP server from Progress Software, USA. A SQL injection vulnerability exists in WS_FTP Server versions prior to 8.7.4 and 8.8.2. An attacker exploiting this vulnerability is able to infer information about the structure and content ...
Online Job Portal SQL Injection Vulnerability
Online Job Portal is an online job portal from the individual developer janobe. A security vulnerability exists in Online Job Portal version v.2020 that could allow a remote attacker to execute arbitrary code via the ForPass.php component...
TONGDA Office Anywhere SQL Injection Vulnerability
TONGDA Office Anywhere is a collaborative office OA system. A SQL injection vulnerability exists in TONGDA Office Anywhere version 2017, which stems from a SQL injection vulnerability in the parameter RELATIVESID...
PT-2023-31521 · Sourcecodester · Simple Membership System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Membership System version 1.0
Description: A critical issue was found in the Simple Membership System, affecting an unknown functionality of the file club validator.php. The manipulation of the club argument leads to SQL...
Super Store Finder SQL Injection Vulnerability
Super Store Finder is an easy-to-use Google Maps API store finder program by Super Store Finder. A security vulnerability exists in Super Store Finder version v.3.6, which stems from a vulnerability that allows a remote attacker to execute arbitrary code via a carefully crafted...
Lenosp SQL Injection Vulnerability
Lenosp is a modular rapid-development scaffold based on Spring Boot 2.0, from Zhengzhou Programmers (zzdevelop) in China. A security vulnerability exists in Lenosp versions 1.0.0 through 1.2.0, which stems from SQL injection being easily achievable via the Log Query module...
BlackBerry AtHoc SQL Injection Vulnerability
BlackBerry AtHoc is a crisis communications solution for federal, state and local governments, public safety and law enforcement agencies, and schools from BlackBerry Canada. A security vulnerability exists in BlackBerry AtHoc version 7.15, which stems from a SQL injection vulnerability in the...
CVE-2023-40946
Schoolmate 1.3 is vulnerable to SQL Injection in the variable $username from SESSION in ValidateLogin.php...
AnythingLLM SQL Injection Vulnerability
AnythingLLM is a document chatbot that meets business requirements. AnythingLLM versions prior to 0.0.1 suffer from a SQL injection vulnerability that stems from susceptibility to SQL injection attacks...
Contact Manager App SQL Injection Vulnerability
Contact Manager App is a contact manager application from the individual developer Remy Andrade. A SQL injection vulnerability exists in Contact Manager App version 1.0, which originates from a SQL injection attack via add.php...
Google Android SQL Injection Vulnerability
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android. No information about this vulnerability is available at this time; please stay tuned to CNNVD or the vendor's announcement...
Frappe Technologies Frappe SQL Injection Vulnerability
Frappe Technologies Frappe is a Python- and MariaDB-based web development framework with integrated front-end pages from Frappe Technologies, India. Frappe suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to access sensitive information...
DEBIAN-CVE-2023-39357
Cacti is an open source operational monitoring and fault management framework. A defect in the sqlsave function was discovered. When the column type is numeric, the sqlsave function directly utilizes user input. Many files and functions calling the sqlsave function do not perform prior validation...
CVE-2023-35065
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Osoft Paint Production Management allows SQL Injection. This issue affects Paint Production Management: before 2.1...
CVE-2023-35072
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Coyav Travel Proagent allows SQL Injection. This issue affects Proagent: before 20230904...