IBM i SQL注入漏洞

IBM i is a set of operating systems from IBM running in IBM Power Systems and IBM PureSystems. IBM i versions 7.3, 7.4 and 7.5 have a SQL injection vulnerability, which stems from the application's lack of validation of external input SQL statements and can be used by attackers to execute illegal...

Home Clean Services Management System SQL注入漏洞

Home Clean Services Management System is a home cleaning service system. version 1.0 of Home Clean Services Management System is vulnerable to a SQL injection issue in login.php. An attacker could exploit this vulnerability to obtain sensitive database information...

WordPress plugin Nirweb support SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Nirweb support is vulnerable to SQL injection, a vulnerability that stems from...

CVE-2022-26632

Multi-Vendor Online Groceries Management System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /products/viewproduct.php...

School Dormitory Management System SQL注入漏洞

School Dormitory Management System is a school dormitory management system. SQL injection vulnerability exists in School Dormitory Management System v1.0, which originates from /dms/admin/reports/dailycollection The report.php parameter lacks validation for external input SQL statements. An...

Simple Student Quarterly Result/Grade System SQL注入漏洞

Simple Student Quarterly Result/Grade System is a student quarterly grade management system from the individual developer Carlo Montero. A security vulnerability exists in Simple Student Quarterly Result/Grade System version 1.0, which stems from an SQL injection vulnerability...

CLSA-2022-1652986513 Fixed CVE-2022-29155 in openldap

CVE-2022-29155: fix SQL injection vulnerability caused by LDAP search operation...

CVE-2022-1361

The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user’s accounts and devices...

GHSA-2GW6-73WC-X88F Apache Geode information disclosure vulnerability

Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the data browser page in Pulse and consequently execute an OQL query that exposes data stored in the...

Toll Tax Management System SQL注入漏洞

Toll Tax Management System is a toll tax management system. A SQL injection vulnerability exists in Toll Tax Management System version 1.0, which stems from the id parameter being susceptible to SQL injection attacks. The vulnerability can be exploited by an attacker to obtain sensitive informati...

CVE-2022-1731

Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field. SSO or System authentication are required to be enabled for vulnerable conditions to exist...

HMS SQL注入漏洞

HMS is a computer or web-based hospital management system. version 1.0 of HMS is vulnerable to SQL injection, which stems from the presence of multiple parameters that can lead to SQL injection when requesting appointment.php using the POST method. An attacker could use this vulnerability to obta...

WordPress plugin Visual Slide Box Builder SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Visual Slide Box Builder plugin 3.2.9 and earlier versions are vulnerable to SQL injection, which...

Hospital Management System SQL注入漏洞

Hospital Management System HMS is a computer system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. hospital Management System v1.0 is vulnerable to SQL injection, which can be exploited by attackers via the SQL injection via the deli...

OpenClinica SQL注入漏洞

OpenClinica is a commercial open source clinical trial software for electronic data capture EDC and clinical data management CDM. A security vulnerability exists in OpenClinica versions prior to 3.16.1 that stems from the use of string concatenation to create SQL queries...

CVE-2022-30401

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/?p=viewproduct&id=...

CVE-2022-30392

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/classes/Master.php?f=deletesubcategory...

CVE-2022-30400

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/admin/orders/vieworder.php?view=user&id=...

CVE-2022-30396

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/admin/?page=inventory/manageinventory&id=...

Merchandise Online Store SQL注入漏洞

Merchandise Online Store is a merchandise online store system. merchandise Online Store has a security vulnerability that can be exploited by attackers via /vloggersmerch/admin/?page=maintenance/managecategory& id= to conduct an SQL injection attack...