8141 matches found
Sourcecodester Simple College Website SQL injection vulnerability
Sourcecodester Simple College Website is an open source content management system from Sourcecodester. SourceCodester Simple College Website v 1.0 is vulnerable to SQL injection, which can be exploited by remote attackers to execute arbitrary SQL statements against news.php via the id...
CASAP Automated Enrollment SQL injection vulnerability
CASAP Automated Enrollment is an automated enrollment system for the CASAP organization in the United States. The purpose of the project is to provide CASAP with an automated enrollment system to streamline the school process and make it more effective, efficient and easy to retrieve...
PHPGurukul Student Record System SQL injection vulnerability
PHPGurukul Student Record System is an application that is vulnerable to SQL injection. The vulnerability stems from a lack of validation of external input SQL statements in the cid parameter of edit-course.php, which can be exploited by remote attackers to execute arbitrary SQL...
SourceCodester E-Commerce Website SQL injection vulnerability
SourceCodester E-Commerce Website is a software application. A PHP e-commerce website project for bookstores. A SQL injection vulnerability exists in SourceCodester E-Commerce Website version V1.0, which originates from a lack of validation of the update parameter of empViewUpdate.php against an...
UBUNTU-CVE-2021-27021
A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query...
Teachers Record Management System SQL injection vulnerability
Teachers Record Management System is an open source Teachers Record Management System. A security vulnerability in PHPGurukul Employee Record Management System 1.1 allows remote attackers to bypass authentication by executing arbitrary SQL commands...
Moodle SQL injection vulnerability
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. Moodle suffers from an SQL injection vulnerability that stems from insufficient processing of user-supplied data in the library that...
ShareCare SQL injection vulnerability
ShareCare is a clinical and financial software system of Echo Group. Echo ShareCare suffers from an SQL injection vulnerability that stems from ShareCare's susceptibility to SQL injection vulnerabilities when processing remote input from arbitrary users...
ShareCare SQL injection vulnerability
ShareCare is a clinical and financial software system from Echo Group. An SQL injection vulnerability exists in Echo ShareCare version 8.15.5 that stems from not performing authentication or authorization checks when accessing a subset of sensitive resources, which could allow an unauthenticated...
WordPress plugin SQL injection vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed in PHP. The platform supports setting up a personal blog site on servers running PHP and MySQL. WordPress Plugin is an open source application plugin for WordPress. The WordPress plugin suffers from a code injection...
IBM InfoSphere Information Server SQL injection vulnerability
IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. IBM InfoSphere Information Server has a security vulnerability that can be exploited by an attacker to view...
Aruba ClearPass Policy Manager SQL injection vulnerability
Aruba ClearPass Policy Manager is an application from Aruba, Inc. that provides a wireless network security access management system. Aruba ClearPass Policy Manager has a security vulnerability that could allow a remote attacker to perform a SQL injection attack on a ClearPass instance...
The vulnerability in the “main/inc/ajax/model.ajax.php” file of the Chamilo e-learning and content management system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability in the main/inc/ajax/model.ajax.php file of the Chamilo e-learning and content management system relates to the lack of protection for SQL query structures. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of t...
SQL Injection
Overview: Affected versions of this package are vulnerable to SQL Injection due to the sql.gsub function in lib/arjdbc/jdbc/adapter.rb not properly sanitizing user-supplied input before using it in SQL queries. This may allow a remote attacker to inject or manipulate SQL queries in the back-end...
PYSEC-2021-109
Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application...
GitLab cross-site scripting vulnerability
GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. A security vulnerability exists in GitLab, which stems from a CSRF on the...
CVE-2021-28993
Plixer Scrutinizer 19.0.2 is affected by: SQL Injection. The impact is: obtain sensitive information remote...
CVE-2020-4902
IBM Datacap Taskmaster Capture IBM Datacap Navigator 9.1.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191045...
DHIS 2 SQL injection vulnerability
DHIS 2 is a software application. A flexible information system for data capture, management, validation, analysis and visualization. A SQL injection vulnerability exists in dhis2 DHIS 2. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor...
Accellion Kiteworks SQL injection vulnerability
Accellion kiteworks is a next-generation mobile file sharing and collaboration platform that improves enterprise productivity and security. A SQL injection vulnerability exists in Accellion Kiteworks versions prior to 7.4.0. An attacker could exploit the vulnerability to obtain sensitive database...