2786 matches found
Cacti SQL Injection Vulnerability
Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, uses RRDtool to draw graphs from it, and provides data and user management features. Cacti suffers from a SQL injection vulnerability that stems from the fact...
Cacti SQL Injection Vulnerability
Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, uses RRDtool to draw graphs from it, and provides data and user management features. Cacti contains a SQL injection vulnerability. No information about...
Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform SQL Injection Vulnerability
Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform is a Multi-Service Secure Gateway Intelligent Management Platform from Beijing Baichuo, China. Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform suffers from a SQL injecti...
Library Management System SQL Injection Vulnerability
Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in Senayan Library Management Systems SLIMS 9 Bulian v9.6.1, which stems from vulnerability to SQL injection...
WordPress plugin WooCommerce PDF Invoice Builder SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up a personal blog site on a PHP and MySQL server. WordPress plugin is an application plugin. WordPress plugin WooCommerce PDF Invoi...
PT-2023-12172 · Tripspark · Tripspark Veo Transportation
Name of the Vulnerable Software and Affected Versions: TripSpark VEO Transportation versions 2.2.x NovusEDU versions 2.2.x Description: The issue allows unsafe data inputs in POST body parameters from end users without sanitizing using server-side logic. It was possible to inject custom SQL...
O_Blog SQL Injection Vulnerability
OBlog is a blogging platform. A security vulnerability exists in berkaygediz OBlog version v.1.0, which stems from a vulnerability that allows local attackers to escalate privileges via the securefilepriv component...
OpenRapid RapidCMS SQL Injection Vulnerability
OpenRapid RapidCMS is a fast and easy-to-use open source CMS system from OpenRapid. A SQL injection vulnerability exists in OpenRapid RapidCMS version 1.3.1, which stems from the fact that incorrect manipulation of the parameter id can lead to SQL injection...
Beijing Baichuo Smart S85F Management Platform Command Injection Vulnerability
Beijing Baichuo Smart S85F Management Platform is a management platform of Beijing Baichuo Company. Beijing Baichuo Smart S85F Management Platform suffers from a command injection vulnerability that originates in /log/decodmail.php and can lead to SQL injection...
PT-2023-16380 · WordPress · Yarpp
Name of the Vulnerable Software and Affected Versions: YARPP WordPress plugin versions prior to 5.30.3 Description: The issue is related to the YARPP WordPress plugin, which does not validate and escape some of its shortcode attributes before using them in SQL statements. This could allow any...
Mitel MiVoice Office 400 SMB Controller SQL Injection Vulnerability
The Mitel MiVoice Office 400 SMB Controller is an SMB controller from Mitel Canada. A security vulnerability exists in Mitel MiVoice Office 400 SMB Controller version 1.2.5.23, which originated from a vulnerability that could allow a malicious attacker to access sensitive information and perform...
CVE-2023-39806
iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function...
iCMS SQL Injection Vulnerability
iCMS is an efficient and simple content management system built with PHP and MySQL. A security vulnerability exists in iCMS v7.0.16, which is caused by a SQL injection vulnerability discovered via the bakupdata function...
ScienceLogic SL1 SQL Injection Vulnerability
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...
PT-2023-24518
Name of the Vulnerable Software and Affected Versions: a2 Camera Trap Tracking System versions prior to 3.1905 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
ChurchCRM SQL Injection Vulnerability
ChurchCRM is an open source CRM system for churches. ChurchCRM version v5.0.0 suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the group parameter of QueryView.php. An attacker can exploit this vulnerability to execute illeg...
PT-2023-26069 · Unknown · Judging Management System
Name of the Vulnerable Software and Affected Versions: Judging Management System version 1.0 Description: A SQL injection issue was found in the Judging Management System. The vulnerability can be exploited via the id parameter at the "/php-jms/deductScores.php" API endpoint. Recommendations: For...
Siemens RUGGEDCOM CROSSBOW SQL Injection Vulnerability
RUGGEDCOM CROSSBOW is a secure access management solution designed to provide NERC CIP compliant access to smart electronic devices. Siemens RUGGEDCOM CROSSBOW suffers from a SQL injection vulnerability that can be exploited by an attacker to execute arbitrary SQL queries on the server database a...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in Parasolid, Solid Edge, TeamCenter, SoftwareCenter, SIMATIC, SICAM and Ruggedcom products. The vulnerabilities potentially enable a malicious party to execute attacks that could result in the following categories of damage: Denial-of-Service DoS. Manipulation o...
PrestaShop SQL Injection Vulnerability
PrestaShop is a set of open source e-commerce solutions from PrestaShop, USA. The solution provides multiple payment methods, short message alerts and product image zoom and other features. A SQL injection vulnerability exists in PrestaShop versions prior to 8.1.1, which stems from a SQL injectio...