Online Food Ordering System SQL注入漏洞

Online Food Ordering System is an online food ordering system. Online Food Ordering System suffers from a SQL injection vulnerability that can be exploited by an attacker to perform SQL injection via the component /dish .php?resid=...

CVE-2022-38118

OAKlouds Portal website’s Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to access, modify, delete database, perform system operations and disrupt service...

Library Management System SQL注入漏洞

Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in Library Management System v1.0, which was discovered to contain an SQL injection vulnerability via the...

WordPress plugin Leaflet Maps Marker SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Leaflet Maps Marker Google...

Sparx Systems Enterprise Architect 安全漏洞

Sparx Systems Enterprise Architect is an OMG UML-based visual modeling and design tool from Sparx Systems, Australia. A security vulnerability exists in Sparx Systems Enterprise Architect version 16.0.1605, which stems from the Find parameter of the Select Classifier dialog box that allows SQL...

Ingredients Stock Management System SQL注入漏洞

Ingredients Stock Management System is an ingredient stock management system by Carlo Montero. v1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /items/view An SQL injection issue exists in the id parameter of the item.php location. No...

WordPress plugin Contest Gallery SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

CVE-2022-36606

Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database...

VulnCheck KEV: CVE-2022-24260

A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level...

CVE-2022-35603

A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt...

PT-2022-18769 · Sourcecodester · Sourcecodester Loan Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Zoo Management System affected versions not specified Description: A critical issue was found in the processing of the file /pages/animals.php, where the manipulation of the class id argument leads to SQL injection. This issue...

Loan Management System SQL注入漏洞

Loan Management System is a loan management system by razormist individual developers. Loan Management System suffers from a SQL injection vulnerability that stems from some unknown functionality in the file /index.php being affected, where manipulation of the parameter password can lead to sql...

CVE-2022-2679

A vulnerability was found in SourceCodester Interview Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /viewReport.php. The manipulation of the argument id with the input UPDATEXML9729,CONCAT0x2e,0x716b707071,SELECT...

Pharmacy Management System SQL注入漏洞

Pharmacy Management System MPMS is a multilingual pharmacy management system from the personal developer Mayuri K. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from a lack of validation of external input in the id parameter of editproduct.php SQL statement...

Pharmacy Management System SQL注入漏洞

Pharmacy Management System MPMS is a multilingual pharmacy management system from the personal developer Mayuri K. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from the getOrderReport.php startDate parameter in getOrderReport.php lacks validation for extern...

Online Tours And Travels Management System SQL注入漏洞

Online Tours And Travels Management System is an online travel management system by Carlo Montero, an individual developer. A security vulnerability exists in Online Tours And Travels Management System v1.0, which can be exploited by an attacker to perform SQL injection using the pname parameter ...

CVE-2022-2142

The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information...

Barangay Management System SQL注入漏洞

Barangay Management System is a database driven system. A security vulnerability exists in Barangay Management System version v1.0, which originates from an SQL injection vulnerability contained in the hiddenid parameter via /officials/officials.php...

CVE-2022-26120

Multiple improper neutralization of special elements used in an SQL Command 'SQL Injection' vulnerabilities CWE-89 in FortiADC management interface 7.0.0 through 7.0.1, 5.0.0 through 6.2.2 may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP...

CVE-2017-20130

A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/searchproperty.php. The manipulation of the argument propertyfor leads to sql injection. The attack can be...