2784 matches found

OSV
added 2021/08/04 7:15 p.m. | 5 views

CVE-2021-20028

Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access SRA products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier...

CVSS 9.8 | AI score 7.4 | EPSS 0.30084
Exploits: 0 | References: 2

CNNVD
added 2021/08/03 12:0 a.m. | 4 views

Centreon SQL injection vulnerability

Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon. The product mainly provides monitoring of network, system and application resources. A SQL injection vulnerability exists in Centreon versions prior to 20.04.14, 20.10.8, and 21.04.2. An...

CVSS 8.8 | AI score 8.6 | EPSS 0.29424
Exploits: 1 | References: 2

CNNVD
added 2021/07/30 12:0 a.m. | 3 views

Advisto PEEL SHOPPING SQL injection vulnerability

PEEL Shopping is an open source e-commerce system built on PHP/MySQL. Versions of PEEL Shopping prior to 9.4.0.1 have a SQL injection vulnerability, which can be exploited by attackers to inject malicious SQL queries and obtain sensitive database information...

CVSS 9.1 | AI score 5.8 | EPSS 0.05161
Exploits: 2 | References: 3

OSV
added 2021/07/22 8:15 p.m. | 2 views

CVE-2021-25213

SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the catid parameter to subcat.php...

CVSS 9.8 | AI score 6.1 | EPSS 0.01476
Exploits: 1 | References: 1

OSV
added 2021/07/22 6:15 p.m. | 1 views

CVE-2021-25202

SQL injection vulnerability in SourceCodester Sales and Inventory System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to \ahira\admin\inventory.php...

CVSS 9.8 | AI score 6.1 | EPSS 0.01517
Exploits: 1 | References: 1

CNNVD
added 2021/07/19 12:0 a.m. | 5 views

Moodle SQL injection vulnerability

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. Moodle suffers from an SQL injection vulnerability that stems from insufficient processing of user-supplied data in the library that...

CVSS 9.8 | AI score 8.3 | EPSS 0.52299
Exploits: 6 | References: 4

OSV
added 2021/06/30 1:15 p.m. | 2 views

CVE-2021-28993

Plixer Scrutinizer 19.0.2 is affected by: SQL Injection. The impact is: obtain sensitive information remote...

CVSS 7.5 | AI score 5.8 | EPSS 0.00984
Exploits: 0 | References: 2

CNNVD
added 2021/06/24 12:0 a.m. | 5 views

DHIS 2 SQL injection vulnerability

DHIS 2 is a software application. A flexible information system for data capture, management, validation, analysis and visualization. A SQL injection vulnerability exists in dhis2 DHIS 2. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor...

CVSS 8.8 | AI score 8.1 | EPSS 0.00769
Exploits: 0 | References: 1

CNNVD
added 2021/06/21 12:0 a.m. | 6 views

White Shark System SQL injection vulnerability

White Shark System (WSS) is a browser-based collaboration platform that integrates Project Management, Task Management, Work Management and Work Log Management. A SQL injection vulnerability exists in White Shark...

CVSS 7.5 | AI score 6 | EPSS 0.01669
Exploits: 1 | References: 2

CNNVD
added 2021/06/14 12:0 a.m. | 4 views

WordPress SQL injection vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress Xllentech English Islamic Calendar plugin prior to...

CVSS 8.8 | AI score 6.1 | EPSS 0.01586
Exploits: 2 | References: 2

CNNVD
added 2021/06/10 12:0 a.m. | 4 views

Trace Financial CRESTBridge SQL injection vulnerability

CRESTBridge is a resilient, feature-rich interface for Trace Financial. A SQL injection vulnerability exists in Trace Financial CRESTBridge versions prior to 6.3.0.02, which stems from a lack of validation of external input SQL statements, which can be exploited by attackers to execute illegal SQL...

CVSS 8.8 | AI score 6 | EPSS 0.00961
Exploits: 0 | References: 2

VulnCheck KEV
added 2021/06/08 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2021-20028

SonicWall Secure Remote Access SRA products contain an improper neutralization of a SQL Command leading to SQL injection...

CVSS 9.8 | AI score 6.8 | EPSS 0.30084
Exploits: 0 | References: 1

OSV
added 2021/05/26 12:15 p.m. | 3 views

CVE-2020-26677

Any user logged in to a vFairs 3.3 virtual conference or event can perform SQL injection with a malicious query to the API...

CVSS 8.8 | AI score 7.3
Exploits: 0 | References: 3

CNNVD
added 2021/05/26 12:0 a.m. | 4 views

COVID19 Testing Management System SQL injection vulnerability

COVID19 Testing Management System is a COVID19 Testing Management System. A SQL injection vulnerability exists in COVID19 Testing Management System version 1.0, which is exploited via the admin panel...

CVSS 9.8 | AI score 8.6 | EPSS 0.0227
Exploits: 3 | References: 6

CNNVD
added 2021/05/13 12:0 a.m. | 4 views

Liferay Enterprise Portal SQL injection vulnerability

Liferay Enterprise Portal is an application system from Liferay USA. It provides a showcase for e-commerce functionality. A SQL injection vulnerability exists in Liferay Enterprise Portal version 7.3.5. The vulnerability stems from the program not adequately cleaning up user-supplied data in the...

CVSS 8.8 | AI score 8.5 | EPSS 0.01182
Exploits: 0 | References: 4

CNNVD
added 2021/05/06 12:0 a.m. | 7 views

Cisco Unified Communications Manager SQL injection vulnerability

Cisco Unified Communications Manager (CUCM, Unified CM, CallManager) is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable, and highly available enterprise IP telephony call processing solution. A SQL injection vulnerability...

CVSS 8.1 | AI score 8 | EPSS 0.01081
Exploits: 0 | References: 4

CNNVD
added 2021/05/06 12:0 a.m. | 4 views

PHPGurukul Online Book Store SQL injection vulnerability

PHPGurukul Online Book Store is a PHP-based online bookstore website system. A SQL injection vulnerability exists in Online Book Store v1.0, which arises from the lack of validation of externally entered SQL statements in database-based applications, and can be exploited by remote attackers to...

CVSS 9.8 | AI score 6.5 | EPSS 0.01944
Exploits: 1 | References: 2

Tenable Nessus
added 2021/04/23 12:0 a.m. | 28 views

Cisco SD-WAN vManage Cypher Query Language Injection (cisco-sa-vmanage-cql-inject-c7z9QqyB)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

CVSS 4.3 | AI score 5.4 | EPSS 0.00818
Exploits: 0 | References: 3

CNNVD
added 2021/04/17 12:0 a.m. | 3 views

Qnap Systems QNAP NAS running Multimedia Console SQL injection vulnerability

Qnap Systems QNAP NAS running Multimedia Console is an application from China Weilian Qnap Systems. A multimedia console. A security vulnerability exists in QNAP NAS running Multimedia Console, which can be exploited by an attacker to obtain application information...

CVSS 9.8 | AI score 8.5 | EPSS 0.01765
Exploits: 0 | References: 4

CNNVD
added 2021/04/16 12:0 a.m. | 3 views

Zenario CMS SQL injection vulnerability

Zenario CMS is a Zenario open source application. Provides a web-based content management system. A security vulnerability exists in Zenario CMS 8.8.52729 SQL Injection, which allows remote attackers to exploit the vulnerability to access the database or remove plugins...

CVSS 9.1 | AI score 8.5 | EPSS 0.04572
Exploits: 1 | References: 2