Lodging Reservation Management System SQL注入漏洞

Lodging Reservation Management System is an open source accommodation reservation management system that is vulnerable to attackers using SQL injection to bypass authentication via username and password fields to grant any user access to privileges...

Hotel-Mgmt-System SQL注入漏洞

Hotel-Mgmt-System is a hotel management system. A SQL injection vulnerability exists in Raymart DG / Ahmed Helal Hotel-mgmt-system, where a malicious attacker can retrieve sensitive database information and interact with the database using the vulnerable cid parameter in processupdateprofile.php...

CVE-2021-41845

A SQL injection issue was discovered in ThycoticCentrify Secret Server before 11.0.000007. The only affected versions are 10.9.000032 through 11.0.000006...

CVE-2020-21012

Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details...

PuneethReddyHc Online Shopping System Advanced SQL注入漏洞

PuneethReddyHc Online Shopping System Advanced is an open source online shopping system from the individual developers at Puneeth Reddy HC in India. PuneethReddyHc Online Shopping System Advanced suffers from a SQL injection vulnerability that originates in the /homeaction.php catid parameter...

The vulnerability of SonicWall SMA series 100 network firewall microprogramming software, related to the lack of protection for SQL query structures, allows attackers to gain unauthorized access to protected information.

The vulnerability of SonicWall SMA 100 network firewall microprogramming software is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

CVE-2021-34712

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management...

CVE-2021-34712

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management...

Input validation

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management...

CVE-2021-34712 Cisco SD-WAN vManage Software Cypher Query Language Injection Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management...

CVE-2021-34712 Cisco SD-WAN vManage Software Cypher Query Language Injection Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management...

Cisco SD-WAN vManage Software Cypher Query Language Injection Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management...

Cisco SD-WAN vManage Software Cypher Query Language Injection (cisco-sa-sd-wan-jOsuRJCc)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an...

WordPress SQL注入漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress Page Contact plugin 1.0 and earlier versions, which ste...

The vulnerability of the export report function implementation in Centreon software for IT infrastructure monitoring allows a hacker to execute arbitrary SQL commands.

The vulnerability of the software’s reporting export function for IT infrastructure monitoring in Centreon relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using the script...

The vulnerability of the software used to implement the hypertext environment in the Centreon IT infrastructure monitoring software allows a hacker to execute arbitrary SQL commands.

The vulnerability of the software for implementing the hypertext environment in the Centreon IT infrastructure monitoring software is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands...

The vulnerability of the software’s image generation function for monitoring IT infrastructure in Centreon allows a hacker to execute arbitrary SQL commands.

The vulnerability of the software’s image generation function for monitoring IT infrastructure in Centreon relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands by executing the script...

The vulnerability of the Fortinet FortiPortal security analysis and management tool lies in the lack of validation for XML object sequences, allowing attackers to execute arbitrary SQL commands.

The vulnerability of the Fortinet FortiPortal security analysis and management tool lies in the lack of verification of the validity of XML objects’ sequences. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using specially crafted HTTP requests...

CVE-2021-37422

Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to SQL Injection while linking the databases...

ZOHO ManageEngine ADSelfService Plus SQL注入漏洞

ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. A SQL injection vulnerability exists in ZOHO ManageEngine ADSelfService Plus 6111 and prior versions, which can be exploited by an...