8141 matches found
Dolibarr ERP/CRM SQL injection vulnerability
Dolibarr ERP/CRM is a web-based enterprise resource planning (ERP) and customer relationship management (CRM) system from the French Dolibarr Foundation. The system can be used to manage products, inventory, invoices, orders, etc. A SQL injection vulnerability exists in Dolibarr ERP/CRM, which stems...
Shopware SQL injection vulnerability
Shopware is a suite of e-commerce software from the German company Shopware. Shopware B2B-Suite 4.4.1 and prior versions are vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements applied to the sort-by parameter of the search function. An authenticat...
CVE-2022-0787
The Limit Login Attempts Spam Protection WordPress plugin before 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJAX actions available to unauthenticated users, leading to SQL Injections...
WordPress plugin Wow Countdowns SQL injection vulnerability
WordPress is the WordPress Foundation's blogging platform, developed in PHP. A WordPress plugin is an open source application plugin for WordPress. WordPress Wow Countdowns plugin version 3.1.2 later has a SQL injection vulnerability, which stems from the plugin using the user The...
xiaohuanxiong CMS SQL injection vulnerability
xiaohuanxiong is an open source comic CMS by the individual developer guoguo. xiaohuanxiong version 1.0 is vulnerable to SQL injection, which originates from the id parameter in /app/controller/Books.php. No vulnerability details are available...
The vulnerability of the Cyrus SASL authentication mechanism lies in the lack of protection for the structure of SQL queries, allowing attackers to execute arbitrary SQL queries.
The vulnerability of the Cyrus SASL authentication mechanism lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
Dreamer CMS SQL injection vulnerability
Dreamer CMS is a content management system by Junnan Wang, an individual developer in China. Version 4.0.0 of Dreamer CMS has a security vulnerability that originates from the tableName parameter. No vulnerability details are available at this time...
CVE-2021-27472
A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements...
CVE-2021-27468
The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements...
Delta Electronics DIAEnergie SQL injection vulnerability
Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency. Delta Electronics...
McAfee ePolicy Orchestrator SQL injection vulnerability
McAfee ePolicy Orchestrator (McAfee ePO) is a U.S.-based solution for managing endpoint, network, data security, and compliance. A SQL injection vulnerability exists in versions of McAfee Enterprise ePolicy Orchestrator prior to 5.10 Update 13. The vulnerability stems from the application's lack of...
Delta Electronics DIAEnergie SQL injection vulnerability
Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency. A SQL injection...
Simple Subscription Website SQL injection vulnerability
Simple Subscription Website is an open source, web-based simple subscription application from the individual developer Carlo Montero. It is used to let a company's possible members apply for plans that offer certain services. Simple Subscription Website is vulnerable to SQL injection, which can b...
WordPress plugin BookingPress SQL injection vulnerability
WordPress is the WordPress Foundation's blogging platform, developed in PHP. The platform supports setting up personal blog sites on PHP and MySQL servers. A WordPress plugin is an open source application plugin for WordPress. WordPress plugin BookingPress 1.0.11 version befor...
CVE-2021-44345
Beijing Wisdom Vision Technology Industry Co., Ltd One Card Integrated Management System 3.0 is vulnerable to SQL Injection...
Ltd One Card Integrated Management System SQL injection vulnerability
Ltd One Card Integrated Management System is a one-card integrated management system of Beijing Wisdom Vision Technology Industry Co. Ltd One Card Integrated Management System version V3.0 is vulnerable to SQL injection, which stems from the application's lack of validation of external input SQL...
Attendance and Payroll System SQL injection vulnerability
Attendance and Payroll System is an attendance and payroll system with PHP/MySQLi source code from the individual developer oretnom23. Sourcecodester Attendance and Payroll System is vulnerable to SQL injection, which can be exploited by remote attackers to bypass authentication via unprocessed log...
Sourcecodester Online Project Time Management System SQL injection vulnerability
Online Project Time Management System is a web-based online project time management system that provides an online platform for a company's employees to report/record their assigned time or time spent on each project resubmission. online project time management system A SQL injection vulnerabilit...