8141 matches found
Zenario CMS SQL injection vulnerability
Zenario CMS is an open source application from Zenario that provides a web-based content management system. A SQL injection vulnerability exists in Zenario CMS 8.8.52729, which allows remote attackers to access the database or remove plugins...
CVE-2021-30175
ZEROF Web Server 1.0 April 2021 allows SQL Injection via the /HandleEvent endpoint for the login page...
OpenClinic GA SQL injection vulnerability
OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management and other functions. An SQL injection vulnerability exists in the findSector parameter of the "Patientslist.do" page in OpenClinic GA...
OpenClinic GA SQL injection vulnerability
OpenClinic GA is an open source hospital integrated information management system. A SQL injection vulnerability exists in manageServiceStocks.jsp in OpenClinic GA version 5.173.3. An attacker can exploit this vulnerability through a specially crafted HTTP request to conduct a SQL injection atta...
OpenClinic GA SQL injection vulnerability
OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management and other functions. An SQL injection vulnerability exists in the immoBuyer parameter in listImmoLabels.jsp in OpenClinic GA version...
Eaton Intelligent Power Manager SQL injection vulnerability
Eaton Intelligent Power Manager (IPM) is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. An SQL injection vulnerability exists in Eaton Intelligent Power Manager versions prior to 1.69, which is...
The vulnerability of the AVEVA Enterprise Data Management Web (eDNA Web) software platform, related to the lack of measures taken to protect the SQL query structure, allows a hacker to execute arbitrary SQL commands.
The vulnerability of the AVEVA Enterprise Data Management Web eDNA Web software platform is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...
WordPress and Sprymedia DataTables SQL injection vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. Sprymedia DataTables is a JavaScript library for converting HTML tables to dynamic tables from the UK company...
The vulnerability of the Accellion FTA security system, which stems from the lack of measures to protect the SQL query structure, allows attackers to execute arbitrary SQL code and gain unauthorized access to protected information.
The vulnerability of the Accellion FTA security system lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary SQL code and gain unauthorized access to protected information using a specially...
CVE-2021-30000
An issue was discovered in LATRIX 0.6.0. SQL injection in the txtaccesscode parameter of inandout.php leads to information disclosure and code execution...
Piwigo SQL injection vulnerability
Piwigo is a free and open source web photo album software. A SQL injection vulnerability exists in versions prior to Piwigo 11.4.0. An attacker can exploit this vulnerability by using the language parameter of admin.php?page=languages to conduct a SQL injection attack...
Rockwell Automation FactoryTalk AssetCentre SQL injection vulnerability
Rockwell Automation FactoryTalk AssetCentre is an asset management software tool from Rockwell Automation that allows manufacturers and industrial companies to centrally manage controllers and other automation-related assets. An SQL injection vulnerability exists in Rockwell Automation FactoryTal...
The vulnerability of the Citrix XenMobile Server, a system for managing corporate mobile devices, stems from the lack of protective measures for the SQL query structure. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the Citrix XenMobile Server, a system for managing corporate mobile devices, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected informatio...
Sourcecodester Simple College Website SQL injection vulnerability
Sourcecodester Simple College Website is a content management system from Sourcecodester. Sourcecodester Simple College Website suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based applications, which can be exploit...
CVE-2021-27315
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter...
CVE-2021-24141
Unvalidated input in the Advanced Database Cleaner plugin, versions before 3.0.2, leads to SQL injection allowing high-privilege users (admin+) to perform SQL attacks...
WordPress Slider by 10Web SQL injection vulnerability
WordPress Slider by 10Web is an open source plugin for WordPress that provides a versatile solution for adding a fast loading, responsive and SEO friendly slider to website pages, posts, theme headers or any other location. Slider by 10Web WordPress plugin versions prior to 1.2.36 suffers...
Hgiga MailSherlock SQL injection vulnerability
Hgiga MailSherlock is an enterprise mail audit system from Henderson Hgiga, China. HGiga MailSherlock suffers from a SQL injection vulnerability, which stems from the lack of validation of externally entered SQL statements in database-based applications, and can be exploited by an attacker ...
WordPress Load More SQL injection vulnerability
WordPress Load More is an open source plugin for WordPress that provides a "load more items" function. A SQL injection vulnerability exists in the WordPress Load More plugin before 5.3.2; the vulnerability stems from the /wp-admin/admin-ajax.php repeater parameter or type=test parameter...
Excellent Infotek Corporation EIC e-document system SQL injection vulnerability
Excellent Infotek Corporation EIC e-document system is an application system of Excellent Infotek Corporation, which provides precise, simple and standardized XML document forms to simplify the process of writing and...