Online Computer and Laptop Store SQL Injection Vulnerability
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
PT-2023-10012 · WordPress · Editorial Calendar Plugin
Name of the Vulnerable Software and Affected Versions: Editorial Calendar Plugin versions up to 2.6 Description: A critical issue has been found in the Editorial Calendar Plugin, affecting the function edcal filter where of the file edcal.php. The manipulation of the arguments edcal startDate and...
CVE-2023-1941
A vulnerability, which was classified as critical, has been found in SourceCodester Simple and Beautiful Shopping Cart System 1.0. This issue affects some unknown processing of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiat...
Tailor Management System SQL Injection Vulnerability
Tailor Management System is a tailor store management system by Warren Daloyan, an individual developer. A security vulnerability exists in Tailor Management System version v.1, which originates from a SQL injection vulnerability that can be exploited by an authenticated, remote attacker to execu...
CVE-2023-1850
A vulnerability was found in SourceCodester Online Payroll System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/login.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The explo...
GLPI SQL Injection Vulnerability
GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...
PT-2023-17206 · Unknown · Jeecg-Boot
Name of the Vulnerable Software and Affected Versions: jeecg-boot version 3.5.0 Description: A vulnerability was found in the file SysDictMapper.java of the component Sleep Command Handler, leading to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public...
PT-2023-17201 · Sourcecodester · Sourcecodester Young Entrepreneur E-Negosyo System
Name of the Vulnerable Software and Affected Versions: SourceCodester Young Entrepreneur E-Negosyo System version 1.0 Description: A critical issue has been found in the system, affecting some unknown functionality of the file cart/controller.php?action=add. The manipulation of the PROID argument...
HashiCorp Vault SQL Injection Vulnerability
HashiCorp Vault is a private key access management tool from HashiCorp Inc. in the United States. A SQL injection vulnerability exists in HashiCorp Vault versions 0.8.0 through 1.13.1, which stems from the fact that when configuring the MSSQL plugin locally, certain parameters are not cleaned up...
CVE-2023-27167
Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?searchmonth=1...
Ivanti Avalanche SQL Injection Vulnerability
Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. Ivanti Avalanche version 6.3.2.3490 suffers from a SQL injection vulnerability that stems from a crafted request in...
Centreon SQL Injection Vulnerability
Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon. The product provides monitoring capabilities for resources such as networks, systems and applications. Centreon suffers from a SQL injection vulnerability that arises from failure to...
Centreon SQL Injection Vulnerability
Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon. The product provides monitoring capabilities for resources such as networks, systems and applications. Centreon suffers from a SQL injection vulnerability that arises from failure to...
Faveo Helpdesk SQL Injection Vulnerability
Faveo Helpdesk is an open source ticketing system built by Faveo based on Laravel framework. A security vulnerability exists in Faveo Helpdesk versions 1.0 through 1.11.1, which stems from a controlled parameter passed from the front-end of the login box to the back-end, resulting in an SQL...
CVE-2023-1589
A vulnerability has been found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. This vulnerability affects the function exec of the file admin/operations/approvedelete.php. The manipulation of the argument id leads to sql injection. The attack can be...
Rebuild SQL Injection Vulnerability
Rebuild is a highly customizable enterprise management system. A security vulnerability exists in Rebuild 3.2.3 and earlier versions, which stems from the discovery of an SQL injection vulnerability contained in the file /files/list-file...
CVE-2023-1566
A vulnerability was found in SourceCodester Medical Certificate Generator App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file action.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has be...
WordPress Plugin Gift Cards SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
Judging Management System SQL Injection Vulnerability
Judging Management System is a judging management system by Carlo Montero, an individual developer. A SQL injection vulnerability exists in the SourceCodester Judging Management System version 1.0, which stems from a security issue with an unknown function in the file summaryresults.php, which leads to...
IBM Aspera SQL Injection Vulnerability
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM Inc. An SQL injection vulnerability exists in IBM Aspera Faspex version 4.4.2. The vulnerability stems from the application's lack of validation of external...