8141 matches found

CNNVD
added 2022/04/29 12:0 a.m. · 2 views

Magic CMS SQL injection vulnerability

Magic CMS is a CMS system. A security vulnerability exists in the Magic CMS MSVOD v10 version that stems from an SQL injection issue in the video system. An attacker can exploit this vulnerability to obtain sensitive information in the database...

CVSS 7.5 · AI score 7.7 · EPSS 0.00251
Exploits: 0 · References: 2
Positive Technologies
added 2022/04/29 12:0 a.m. · 2 views

PT-2022-13934 · Rtx · Rtx

Name of the Vulnerable Software and Affected Versions: rtx versions prior to checkpoint 2022-04-20. Description: The issue is related to a SQL injection vulnerability in the ARAX-UI Synonym Lookup functionality. This vulnerability is critical as it can lead to remote code execution, resulting in...

CVSS 10 · AI score 9.8 · EPSS 0.03816
Exploits: 1 · References: 5
CNNVD
added 2022/04/28 12:0 a.m. · 4 views

Delta Electronics DIAEnergie SQL injection vulnerability

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. Delta...

CVSS 10 · AI score 6.2 · EPSS 0.0027
Exploits: 0 · References: 3
CNNVD
added 2022/04/28 12:0 a.m. · 3 views

WordPress plugin Hermit SQL injection vulnerability

WordPress is the WordPress Foundation's blogging platform, developed in PHP. The platform supports setting up personal blog sites on servers with PHP and MySQL. The WordPress Hermit plugin 3.1.6 and previous versions are vulnerable to SQL injection, which stems from the la...

CVSS 8.8 · AI score 6.1 · EPSS 0.00336
Exploits: 0 · References: 3
CNNVD
added 2022/04/28 12:0 a.m. · 4 views

Delta Electronics DIAEnergie SQL injection vulnerability

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. Delta...

CVSS 10 · AI score 6.2 · EPSS 0.0027
Exploits: 0 · References: 4
CNNVD
added 2022/04/28 12:0 a.m. · 3 views

Delta Electronics DIAEnergie SQL injection vulnerability

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. Delta...

CVSS 10 · AI score 6 · EPSS 0.0027
Exploits: 0 · References: 3
CNNVD
added 2022/04/28 12:0 a.m. · 3 views

Delta Electronics DIAEnergie SQL injection vulnerability

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. Delta...

CVSS 10 · AI score 6 · EPSS 0.0027
Exploits: 0 · References: 3
BDU FSTEC
added 2022/04/28 12:0 a.m. · 2 views

The vulnerability of the group_list component of the Advantech R-SeeNet monitoring software allows a hacker to execute arbitrary SQL queries.

The vulnerability of the “ord” parameter in the group_list component of the Advantech R-SeeNet monitoring software for routers is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remote...

CVSS 9 · AI score 7.6 · EPSS 0.0162
Exploits: 1 · References: 4
BDU FSTEC
added 2022/04/28 12:0 a.m. · 4 views

The vulnerability of the information system openSIS, related to the failure to protect the SQL query structure, allows a perpetrator to execute arbitrary SQL queries.

The vulnerability of the information system openSIS is related to the failure to implement measures to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries using the /opensis/functions/GetStuListFnc.php &Grade= parameter...

CVSS 9.8 · AI score 8.2 · EPSS 0.00619
Exploits: 1 · References: 4 · Affected Software: 1
BDU FSTEC
added 2022/04/27 12:0 a.m. · 5 views

The vulnerability of the implementations of the QuerySet.annotate(), aggregate(), and extra() methods in the Django web application framework allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the implementation of the QuerySet.annotate, aggregate, and extra methods in the Django software platform is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality,...

CVSS 10 · AI score 6.6 · EPSS 0.01971
Exploits: 3 · References: 10 · Affected Software: 6
OSV
added 2022/04/26 2:15 p.m. · 1 views

CVE-2022-27299

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php...

CVSS 9.8 · AI score 7.3
Exploits: 0 · References: 1
CNNVD
added 2022/04/26 12:0 a.m. · 1 views

HealthNode Hospital Management System SQL injection vulnerability

Hospital Management System is a hospital management system. The system includes patient information management, ward management, surgery schedule management and financial management, etc. A SQL injection vulnerability exists in Hospital Management System v1.0, which stems from the lack of...

CVSS 9.8 · AI score 6.1 · EPSS 0.00273
Exploits: 1 · References: 2
CNNVD
added 2022/04/26 12:0 a.m. · 4 views

TYPO3 SQL injection vulnerability

TYPO3 is a content management system framework (CMS/CMF) from the Swiss TYPO3 Association. TYPO3 One is Enough Library 4.1.5 and earlier versions are vulnerable to SQL injection, which stems from inadequate cleaning of user-supplied data. A remote attacker could use this vulnerability to send a...

CVSS 9.8 · AI score 6.3 · EPSS 0.00264
Exploits: 0 · References: 5
CNNVD
added 2022/04/26 12:0 a.m. · 3 views

CuppaCMS SQL injection vulnerability

CuppaCMS is a content management system (CMS). A SQL injection vulnerability exists in CuppaCMS v1.0, which originates from missing SQL statement validation of external input in the menufilter parameter in /administrator/templates/default/html/windows/right.php. An attacker could use...

CVSS 9.8 · AI score 6.1 · EPSS 0.29196
Exploits: 1 · References: 4
BDU FSTEC
added 2022/04/25 12:0 a.m. · 2 views

The vulnerability of the Used_tables_and_const_cache::used_tables_and_const_cache_join component of the MariaDB database management system allows a hacker to cause a service failure.

The vulnerability of the Used_tables_and_const_cache::used_tables_and_const_cache_join component of the MariaDB database management system is related to the lack of protective measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to trigger service failures using...

CVSS 7.5 · AI score 7.5 · EPSS 0.00158
Exploits: 1 · References: 6 · Affected Software: 3
CNNVD
added 2022/04/22 12:0 a.m. · 2 views

Link Group Link-Admin SQL injection vulnerability

Link Group Link-Admin is a pension fund system administration service from Link Group Australia. v0.0.1 of Link-Admin is vulnerable to SQL injection, which stems from the lack of SQL data filtering in DictRest.ResponseResult. An attacker could exploit this vulnerability to cause SQL injection...

CVSS 9.8 · AI score 5.9 · EPSS 0.00264
Exploits: 1 · References: 2
ATTACKERKB
added 2022/04/21 8:15 p.m. · 2 views

CVE-2022-28410

Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Users.php?f=deleteagent...

CVSS 9.8 · AI score 5.9 · EPSS 0.00377
Exploits: 1 · References: 2
OSV
added 2022/04/21 8:15 p.m. · 2 views

CVE-2022-28421

Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=posts&action=display&value=1&postid=...

CVSS 9.8 · AI score 7.3 · EPSS 0.00264
Exploits: 1 · References: 1
ATTACKERKB
added 2022/04/21 8:15 p.m. · 1 views

CVE-2022-28030

Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=deleteestate...

CVSS 9.8 · AI score 7.3 · EPSS 0.00309
Exploits: 1 · References: 2
OSV
added 2022/04/21 8:15 p.m. · 2 views

CVE-2022-28020

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\positionedit.php...

CVSS 8.8 · AI score 7.3 · EPSS 0.003
Exploits: 1 · References: 1