CVE-2022-1371

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in ReadRegf. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

WordPress plugin SiteSuperCharger SQL注入漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. SQL injection vulnerability exists in versions of WordPress SiteSuperCharger plugin prior to...

PT-2022-13934 · Rtx · Rtx

Name of the Vulnerable Software and Affected Versions: rtx versions prior to checkpoint 2022-04-20 Description: The issue is related to a SQL injection vulnerability in the ARAX-UI Synonym Lookup functionality. This vulnerability is critical as it can lead to remote code execution, resulting in...

Magic CMS SQL注入漏洞

Magic CMS is a CMS system. A security vulnerability exists in the Magic CMS MSVOD v10 version that stems from an SQL injection issue in the video system. An attacker can exploit this vulnerability to obtain sensitive information in the database...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. Delta...

CVE-2022-27299

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php...

CVE-2022-28410

Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Users.php?f=deleteagent...

Student Grading System SQL注入漏洞

Student Grading System is a student grading system from Carlo Montero's personal developer. v1.0 of Student Grading System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

Sourcecodester Baby Care System SQL注入漏洞

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin.php?id=siteoptions&social=display&value=0&sid=midsid parameter missing validation of external...

Sourcecodester Baby Care System SQL注入漏洞

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability, which originates from /admin.php?id=siteoptions&social=edit&sid=insid parameter missing validation of external input...

Simple Real Estate Portal System SQL注入漏洞

Simple Real Estate Portal System is a real estate portal system from Carlo Montero's personal developer. Simple Real Estate Portal System v1.0 is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

Cisco Unified Communications Manager SQL注入漏洞

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call processing component of the Unified Communications System from Cisco USA. The component provides a scalable, distributable, and highly available enterprise IP telephony call processing solution.Unified Communications...

CVE-2022-27927

A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable coursecode and/or customernumber parameter...

ALPINE-CVE-2022-26651

An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13. The funcodbc module provides possibly inadequate escaping functionality for backslash characters in SQL queries, resulting in user-provided data creating a broken SQL query or possibly a SQL injection. Th...

Asterisk SQL注入漏洞

Asterisk is a PBX system software that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols.Asterisk suffers from a SQL injection vulnerability that can be exploited by attackers to cause user-supplied data to create corrupt SQL queries or possibly SQL injections...

JHipster SQL注入漏洞

JHipster is an open source application builder that develops web applications and microservices primarily using Angular or React and Spring Framework.JHipster suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements, whic...

CVE-2022-28467

Online Student Admission v1.0 was discovered to contain a SQL injection vulnerability via the txtapplicationID parameter...

WordPress plugin Wow Countdowns SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Wow Countdowns plugin version 3.1.2 later has a SQL injection vulnerability, which stems from the plugin using the user The...

xiaohuanxiong CMS SQL注入漏洞

xiaohuanxiong is an open source comic CMS by guoguo individual developers. xiaohuanxiong version 1.0 is vulnerable to SQL injection, which originates from the id parameter in /app/controller/Books.php. No detailed vulnerability details are available...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.Delta Electronics...