PT-2023-25007 · Ibos Oa · Ibos Oa

Name of the Vulnerable Software and Affected Versions: IBOS OA version 4.5.5 Description: A critical issue was found in the actionEdit function of the ?r=dashboard/roleadmin/edit&op=member endpoint, part of the Add User Handler component. The manipulation of the id argument leads to SQL injection...

PT-2023-24399 · Unknown · Lost/Found Information System

Name of the Vulnerable Software and Affected Versions: Lost and Found Information System version 1.0 Description: The issue is related to a SQL injection vulnerability. It affects the component /php-lfis/admin/?page=system info/contact information. Recommendations: For Lost and Found Information...

It-novum OpenITCOCKPIT SQL注入漏洞

It-novum OpenITCOCKPIT is an open source system monitoring tool from It-novum, Germany. A security vulnerability exists in it-novum openITCOCKPIT, which originates from an SQL injection via the sort parameter of the API interface...

UBUNTU-CVE-2023-34600

Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection...

WUZHI CMS SQL注入漏洞

Wuzhicms is five fingers WUZHI company's set of PHP and MySQL based on open source content management system CMS. A SQL injection vulnerability exists in Wuzhicms version 4.1.0. An attacker can exploit this vulnerability to execute arbitrary code via the checktitle function...

PT-2023-22709

Name of the Vulnerable Software and Affected Versions TMT Lockcell versions prior to 15 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations For versions...

FUEL CMS SQL注入漏洞

FUEL CMS is a content management system CMS based on the Codelgniter framework. A security vulnerability exists in FUEL CMS v1.5.2, which is caused by an SQL injection vulnerability in the id parameter of the /controllers/Blocks.php page...

RuoYi SQL注入漏洞

RuoYi is a backend management system for individual developers of RuoYi in China. A SQL injection vulnerability exists in RuoYi 4.7.7 and earlier versions. The vulnerability stems from improperly filtered sql statements, resulting in SQL injection and DoS attacks...

PrestaShop SQL注入漏洞

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop jmspagebuilder version 3.x. The vulnerability stems from a SQL...

PT-2023-24197 · Xibo · Xibo

Name of the Vulnerable Software and Affected Versions: Xibo versions 3.2.0 through 3.3.2 Description: A SQL injection issue was discovered in the /display/map API route, allowing an authenticated user to exfiltrate data from the Xibo database by injecting specially crafted values into the bounds...

PT-2023-22332 · Sourcecodester · Sourcecodester Faculty Evaluation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Faculty Evaluation System version 1.0 Description: A critical issue has been found in the SourceCodester Faculty Evaluation System, affecting some unknown functionality of the file "index.php?page=edit user". The manipulation o...

Ipekyolu Software Auto Damage Tracking Software SQL注入漏洞

Ipekyolu Software Auto Damage Tracking Software is an automatic damage tracking software from Ipekyolu Software. A SQL injection vulnerability exists in previous versions of Ipekyolu Software Auto Damage Tracking Software 4, which stems from improper neutralization of the particular element used...

CVE-2023-31752

SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection via /employeegatepass/classes/Login.php...

Piwigo SQL注入漏洞

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. A security vulnerability exists in Piwigo version 13.6.0, which stems from a problem with the configuration file functionality and can...

CVE-2022-47984

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 243163...

CVE-2023-2773

A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file viewadmin.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched...

Bus Dispatch and Information System SQL注入漏洞

Bus Dispatch and Information System is a bus dispatch and information system. A SQL injection vulnerability exists in Bus Dispatch and Information System version 1.0, which stems from unknown functionality in adminHome.php that causes sql injection via the parameter reachcity...

PT-2023-20853 · Unknown · Sourcecodester Online Exam System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Exam System version 1.0 Description: A critical issue was found in the SourceCodester Online Exam System, affecting some unknown functionality of the file /mahasiswa/data of the component POST Parameter Handler. The...

Lost and Found Information System SQL注入漏洞

Lost and Found Information System is a lost and found information system by oretnom23 Individual Developer. A SQL injection vulnerability exists in Lost and Found Information System version 1.0, which stems from an incorrect manipulation of the parameter id resulting in sql injection...

Veritas Technologies Infoscale Operations Manager SQL注入漏洞

Veritas Technologies Infoscale Operations Manager is a suite of software from Veritas Technologies, Inc. that is used to manage the entire InfoScale deployment. The software provides multi-cluster management, customized interfaces, and centralized audit logging. A SQL injection vulnerability exis...