CVE-2022-31959

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/teams/manageteam.php?id=...

CVE-2022-31347

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=deletevehicle...

CVE-2022-31351

Online Car Wash Booking System v1.0 by oretnom23 has SQL injection via /ocwbs/admin/services/manageprice.php?id=...

CVE-2022-30823

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\blogeventsedit.php...

CVE-2022-30815

elitecms 1.01 is vulnerable to SQL Injection via admin/editsidebar.php?page=2&sidebar=...

CVE-2022-30797

Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php...

CVE-2021-44098

EGavilan Media Expense-Management-System 1.0 is vulnerable to SQL Injection via /expenseaction.php. This allows a remote attacker to compromise Application SQL database...

CVE-2021-44095

A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database...

ZZCMS SQL注入漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. zzCMS version 2019 is vulnerable to SQL injection, which stems from the lack of single quotes in the id parameter of /admin/dlsendsms.php. No detailed vulnerability details are currently available...

Responsive Online Blog SQL注入漏洞

Responsive Online Blog is a responsive online blog site. responsive Online Blog v1.0 is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the id parameter of single.php. An attacker could use this vulnerability to execute illegal SQL commands t...

Complete Online Job Search System SQL注入漏洞

Complete Online Job Search System is an online job search system. SQL injection vulnerability exists in Complete Online Job Search System, which originates from /eris/index.php?q=category&search=page missing validation of external input SQL statements. An attacker could use this vulnerability to...

Badminton Center Management System SQL注入漏洞

Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. It provides an online and automated platform for badminton centers to manage their daily transactions and records.Badminton Center Management System version v1.0 is vulnerable to SQ...

Complete Online Job Search System SQL注入漏洞

Complete Online Job Search System is an online job search system. complete Online Job Search System is vulnerable to SQL injection, which originates from eris/admin/vacancy/index.php?view=edit & id=page missing validation of external input SQL statements. An attacker could use this vulnerability ...

MV Informática IDCE MV SQL注入漏洞

MV Informática IDCE MV is a health management software from the Brazilian company MV Informática. MV Informática IDCE MV version 1.0 contains a SQL injection vulnerability that stems from a SQL injection issue in the user field of the login page. An attacker could exploit the vulnerability to...

Car Rental Management System SQL注入漏洞

Car Rental Management System is a car rental management system. SQL injection vulnerability exists in Car Rental Management System, which can be exploited by attackers to view, add, modify or delete information in the back-end database...

CVE-2022-29684

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/jsdel...

Hospital Management System SQL注入漏洞

Hospital Management System HMS is a computer system that helps manage health care-related information and helps health care providers do their jobs efficiently. hospital Management System v1.0 is vulnerable to a SQL injection vulnerability that originates in docter.php The editid parameter is...

CSCMS Music Portal System SQL注入漏洞

CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability that originates from the id parameter in /admin.php/user/leveldel that lacks validation of externally...

CVE-2022-28862

In Archibus Web Central before 26.2, multiple SQL Injection vulnerabilities occur in dwr/call/plaincall/workflow.runWorkflowRule.dwr. Through the injection of arbitrary SQL statements, a potential attacker can modify query syntax and perform unauthorized and unexpected operations against the remo...

SQL Injection

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to SQL Injection via the mcprojectgetusers function. An attacker can manipulate SQL queries and access or alter database information without proper authorization by injecting malicious SQL command...