2784 matches found
PT-2022-27187 · Unknown · Sanitization Management System
Name of the Vulnerable Software and Affected Versions: Sanitization Management System version 1.0 Description: The issue concerns SQL Injection, which can be exploited via the /php-sms/admin/?page=inquiries/view inquiry&id= endpoint. The id parameter is vulnerable to this type of attack. SQL...
webTareas SQL Injection Vulnerability
webTareas is a web-based open source collaboration tool. The product supports features such as project management, bug tracking, content management and meeting management. A security vulnerability exists in webTareas version 2.4p5, which originates from an SQL injection via the id parameter in...
AeroCMS SQL Injection Vulnerability
AeroCMS is a content management system from AeroCMS Inc. in the United States. AeroCMS version v0.0.1 contains an SQL injection vulnerability via the Search parameter. An attacker exploits the vulnerability to access database...
WordPress plugin WP User Merger SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. Versions of WordPress WP Us...
JeecgBoot Jeecg-Boot SQL Injection Vulnerability
Jeecg-Boot is a low-code platform based on a code generator, from the JeecgBoot community. A security vulnerability exists in Jeecg-Boot version v3.4.3, which stems from an SQL injection vulnerability via the component /sys/user/deleteRecycleBin...
PT-2022-27121 · Jizhicms · Jizhicms
Name of the Vulnerable Software and Affected Versions: Jizhicms version 2.3.3 Description: A SQL injection issue was found in the /Member/memberedit.html component. This allows for potential exploitation via SQL injection attacks. Recommendations: For Jizhicms version 2.3.3, consider restricting...
PT-2022-27163 · Unknown · Sanitization Management System
Name of the Vulnerable Software and Affected Versions: Sanitization Management System version 1.0 Description: The issue is related to SQL Injection via the "/php-sms/admin/?page=user/manage user&id=" endpoint. This allows for potential exploitation. No information is provided about the estimated...
PT-2022-24240 · Silverstripe · Silverstripe/Framework
Name of the Vulnerable Software and Affected Versions: Silverstripe silverstripe/framework versions through 4.11 Description: The issue allows SQL Injection, which can be exploited by an attacker with CMS access to execute arbitrary SQL statements. This is achieved by adding an SQL payload in...
PT-2022-26330 · Unknown · Dreamer Cms
Name of the Vulnerable Software and Affected Versions: Dreamer CMS version 4.0.01 Description: The issue is related to SQL Injection. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited...
Student Attendance Management System SQL Injection Vulnerability
Student Attendance Management System is an attendance management system for students. A security vulnerability exists in Student Attendance Management System, which stems from a SQL injection issue in the Id parameter of the /Admin/createClass.php file. No detailed vulnerability details are...
PT-2022-26065 · Delta Electronics · Diaenergie
Name of the Vulnerable Software and Affected Versions: Delta Electronics DIAEnergie versions prior to v1.9.02.001 Description: The issue allows an attacker to inject SQL queries via the network. This is related to SQL Injection in Handler CFG.ashx. Recommendations: For versions prior to...
Vulnerabilities fixed in Red Hat Satellite
Vulnerabilities have been fixed in Red Hat Satellite. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Cross-Site Scripting (XSS), Denial-of-Service (DoS), remote code execution, administrator/root rights, SQL injection, access to sensitiv...
PT-2022-25223 · Unknown · Hospital Management Center
Name of the Vulnerable Software and Affected Versions: Hospital Management Center affected versions not specified Description: A critical issue has been found in Hospital Management Center, affecting an unknown function of the file patient-info.php. The manipulation of the pt id argument leads to...
Delta Electronics DIAEnergie SQL Injection Vulnerability
Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics Taiwan, China used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes and maximize...
CVE-2022-43291
Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /youthappam/editclient.php...
PT-2022-26733 · Unknown · Online Diagnostic Lab Management System
Name of the Vulnerable Software and Affected Versions: Online Diagnostic Lab Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/odlms//classes/Master.php?f=delete activity" API endpoin...
Canteen Management System SQL Injection Vulnerability
Canteen Management System is a canteen management system by individual developer Mayuri K. A security vulnerability exists in Canteen Management System Project version v1.0, which was discovered to contain a SQL injection vulnerability via the component /youthappam/add-food.php...
PT-2022-26732 · Unknown · Online Diagnostic Lab Management System
Name of the Vulnerable Software and Affected Versions: Online Diagnostic Lab Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/odlms/classes/Users.php?f=delete" API endpoint...
Schneider Electric EcoStruxure Operator Terminal Expert SQL Injection Vulnerability
Schneider Electric EcoStruxure Operator Terminal Expert is touch screen configuration software from Schneider Electric, France. The software is mainly used to create and edit touch applications. A SQL injection vulnerability exists in Schneider Electric EcoStruxure Operator Terminal...
Tim Campus Confession Wall SQL Injection Vulnerability
Tim Campus Confession Wall is a confession wall organized by Tim Campus. Tim Campus Confession Wall suffers from a SQL injection vulnerability that stems from unknown functionality in the file share.php, where manipulation of the parameter postid can result in SQL injection...