CVE-2021-46427

An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php...

JeecgBoot SQL注入漏洞

JeecgBoot is a Java low-code platform for enterprise Web applications in China. A SQL injection vulnerability exists in JeecgBoot version 3.0, which stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to...

CVE-2021-4088

SQL injection vulnerability in Data Loss Protection DLP ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code execution on the ePO server...

CVE-2021-46308

An SQL Injection vulnerability exists in Sourcecodester Online Railway Reservation Sysytem 1.0 via the sid parameter...

CVE-2021-25054

The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability...

WordPress plugin SQL注入漏洞

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress has a SQL injection vulnerability in versions prior to 5.8.3, which stems from the lack of validation of externally...

WordPress plugin SQL注入漏洞

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.The WordPress Download Monitor Plugin has a SQL injection vulnerability in versions prior to 4.4.5, which stems from the use...

CVE-2021-45814

Nettmp NNT 5.1 is affected by a SQL injection vulnerability. An attacker can bypass authentication and access the panel with an administrative account...

The vulnerability of the “description_filter” parameter in the group_list component of the Advantech R-SeeNet monitoring software for routers, related to incorrect validation of input data, allows a hacker to execute arbitrary SQL queries.

The vulnerability of the “descriptionfilter” parameter in the grouplist component of the Advantech R-SeeNet monitoring software for routers is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL...

CVE-2021-43155

Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php...

CVE-2021-45255

The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted with that domain,...

WordPress SQL注入漏洞

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The WordPress WP Visitor Statistics plugin has a SQL injection vulnerability in versions prior to 4.8. The...

PT-2021-5674 · Microsoft · Defender For Iot

Name of the Vulnerable Software and Affected Versions: Microsoft Defender for IoT affected versions not specified Description: The issue is related to incorrect code generation management in Microsoft Defender for IoT, allowing a remote attacker to execute arbitrary code using a specially crafted...

ZZCMS SQL注入漏洞

ZZCMS is a content management system CMS from the Zzcms team in China. zzcms is vulnerable to SQL injection, which allows an attacker to use the id parameter in admin/bad.php with a lack of validation for external input SQL statements. An attacker can use the vulnerability to execute illegal SQL...

Broadcom CA Network Flow Analysis SQL注入漏洞

Broadcom CA Network Flow Analysis is a network traffic monitoring solution from Broadcom Corporation USA. A SQL injection vulnerability exists in Broadcom CA Network Flow Analysis NFA version 21.2.1 and earlier, which could allow an authenticated attacker to access sensitive data...

Advantech R-SeeNet SQL注入漏洞

Advantech R-SeeNet is an industrial monitoring software from Advantech Taiwan. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.Advantech R-SeeNet is vulnerable to a SQL injection vulnerability due to insufficient cleaning of...

Advantech R-SeeNet SQL注入漏洞

Advantech R-SeeNet is an industrial monitoring software from Advantech Taiwan. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.Advantech R-SeeNet is vulnerable to SQL injection, which is caused by insufficient cleaning of...

oretnom23 Company Recruitment Management System SQL注入漏洞

oretnom23 Company Recruitment Management System is an open source Company Recruitment Management System from the individual developers of oretnom23. A SQL injection vulnerability exists in oretnom23 Company Recruitment Management System, which can be exploited by attackers to perform SQL injectio...

WordPress SQL注入漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress Chameleon CSS plugin in version 1.2 and earlier, which...

WordPress SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. WordPress Plugin is a WordPress open source application plugin. SQL injection vulnerability exists in the Wordpress...