8141 matches found

CNNVD
added 2021/03/16 12:0 a.m. | 3 views

Egavilan Media Bakeshop Online Ordering System SQL injection vulnerability

Egavilan Media Bakeshop Online Ordering System is a Javascript-based code repository that supports interaction with git repositories from Egavilan Media. A SQL injection vulnerability exists in Online Ordering System 1.0, which allows unauthenticated SQL injection, leading to the disclosure of...

CVSS 7.5 | AI score 7.6 | EPSS 0.00658
Exploits: 1 | References: 2
BDU FSTEC
added 2021/03/15 12:0 a.m. | 2 views

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows an attacker to execute arbitrary SQL queries.

The vulnerability in the vManage web interface of the Cisco SD-WAN program-defined network is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVSS 6.8 | AI score 5.9 | EPSS 0.00056
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2021/03/05 12:15 a.m. | 2 views

CVE-2021-27314

SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page...

CVSS 9.8 | AI score 7.3 | EPSS 0.37505
Exploits: 3 | References: 1
CNNVD
added 2021/03/04 12:0 a.m. | 3 views

SourceCodester Courier Management System SQL injection vulnerability

SourceCodester Courier Management System is an application program of SourceCodester. The system provides management functionality. An SQL injection vulnerability exists in Courier Management System 1.0, which originates in the ref no POST parameter of admin class.php...

CVSS 6.5 | AI score 6.7 | EPSS 0.00206
Exploits: 1 | References: 1
CNNVD
added 2021/03/04 12:0 a.m. | 10 views

Matthias Van Woensel qcubed SQL injection vulnerability

Matthias Van Woensel qcubed is an application by Matthias Van Woensel. It provides a PHP model-view-controller framework for rapid application development. A SQL injection vulnerability exists in qcubed all versions including 3.1.1, which allows unauthenticated access to a database via injection ...

CVSS 9.8 | AI score 8.7 | EPSS 0.43055
Exploits: 5 | References: 6
CNNVD
added 2021/03/03 12:0 a.m. | 3 views

Sourcecodesterk Doctor Appointment System SQL injection vulnerability

Sourcecodesterk Doctor Appointment System is a Sourcecodesterk open source application. It provides an appointment scheduling feature. Doctor Appointment System version 1.0 suffers from an SQL injection vulnerability that originates from a remote blind SQL injection vulnerability in the name and...

CVSS 7.5 | AI score 8.1 | EPSS 0.31405
Exploits: 3 | References: 2
CNNVD
added 2021/03/03 12:0 a.m. | 4 views

Sourcecodesterk Doctor Appointment System SQL injection vulnerability

Doctor Appointment System is a PHP/MySQLi based doctor appointment system. A SQL blind injection vulnerability exists in contactus.php in Doctor Appointment System 1.0. An attacker can exploit this vulnerability to insert malicious SQL queries via the firstname parameter...

CVSS 7.5 | AI score 5.9 | EPSS 0.26603
Exploits: 3 | References: 4
CNNVD
added 2021/03/03 12:0 a.m. | 5 views

Sourcecodesterk Doctor Appointment System SQL injection vulnerability

Doctor Appointment System is a PHP/MySQLi based doctor appointment system. A SQL blind injection vulnerability exists in contactus.php in Doctor Appointment System 1.0. The vulnerability can be exploited to insert malicious SQL queries via email parameters...

CVSS 7.5 | AI score 5.9 | EPSS 0.32844
Exploits: 3 | References: 2
CNNVD
added 2021/03/03 12:0 a.m. | 5 views

Cisco SD-WAN vManage input validation error vulnerability

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. An input validation error vulnerability exists in Cisco SD-WAN vManage, which is caused by improper validation of SQL query inputs on affect...

CVSS 4.9 | AI score 5.6 | EPSS 0.00056
Exploits: 0 | References: 5
CNNVD
added 2021/03/02 12:0 a.m. | 3 views

Nsf bmpanel2 SQL injection vulnerability

Nsf bmpanel2 is an open source application from Nsf. It provides a NETWM compatible panel for X11. A SQL injection vulnerability exists in bmpanel2, which is accessible without authentication and allows SQL injection...

CVSS 9.8 | AI score 8.6 | EPSS 0.00681
Exploits: 0 | References: 2
BDU FSTEC
added 2021/03/02 12:0 a.m. | 1 view

The vulnerability of the CheckList component of the Joomla! content management system allows a hacker to execute arbitrary SQL commands.

The vulnerability of the CheckList component in the Joomla! content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

CVSS 10 | AI score 8.2 | EPSS 0.25318
Exploits: 5 | References: 3 | Affected Software: 2
Gitee
added 2021/02/26 1:27 p.m. | 2 views

TPScan

thinkphp rce sql tools...

AI score 7.2
Exploits: 0
OSV
added 2021/02/17 3:15 p.m. | 1 view

CVE-2020-36003

The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases...

CVSS 7.5 | AI score 5.8
Exploits: 0 | References: 3
OSV
added 2021/02/17 2:15 p.m. | 3 views

CVE-2021-22854

The HR Portal of Soar Cloud System fails to filter specific parameters. Remote attackers can inject SQL syntax and obtain all data in the database without privilege...

CVSS 7.5 | AI score 7.2 | EPSS 0.00387
Exploits: 0 | References: 2
OSV
added 2021/02/17 11:15 a.m. | 2 views

CVE-2021-22856

The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in Cookie and obtain data in the database without privilege...

CVSS 7.5 | AI score 7.2 | EPSS 0.00313
Exploits: 0 | References: 2
CNNVD
added 2021/02/17 12:0 a.m. | 4 views

CGE property management system SQL injection vulnerability

CGE property management system is an application software from CGE China. It provides a system for financial management. A SQL injection vulnerability exists in the CGE property management system, which arises from a lack of validation of externally-entered SQL statements in a database-based...

CVSS 9.8 | AI score 7.3 | EPSS 0.00313
Exploits: 0 | References: 3
CNNVD
added 2021/02/17 12:0 a.m. | 3 views

PHPGurukul Online Book Store SQL injection vulnerability

Online BookStore is an online bookstore program. There is a SQL injection vulnerability in Online Book Store v1.0. The vulnerability is caused by the id parameter in detail.php not filtering special characters, and an attacker can execute arbitrary SQL statements through this vulnerability...

CVSS 7.5 | AI score 7.4 | EPSS 0.00323
Exploits: 1 | References: 4
OSV
added 2021/02/15 6:15 p.m. | 1 view

UBUNTU-CVE-2020-22425

Centreon 19.10-3.el7 is affected by a SQL injection vulnerability, where an authorized user is able to inject additional SQL queries to perform remote command execution...

CVSS 8.8 | AI score 7.4 | EPSS 0.01041
Exploits: 0 | References: 5
CNNVD
added 2021/02/15 12:0 a.m. | 4 views

Mutare Voice SQL Injection Vulnerability

A SQL injection vulnerability exists in Mutare Voice that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to execute illegal SQL commands...

CVSS 9.8 | AI score 7.4 | EPSS 0.00366
Exploits: 0 | References: 2
CNNVD
added 2021/02/15 12:0 a.m. | 3 views

Sourcecodester Pisay Online E-Learning System SQL injection vulnerability

Sourcecodester Pisay Online E-Learning System is an online e-learning system based on PHP and MySQL. Sourcecodester Pisay Online E-Learning System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in a database-based...

CVSS 9.8 | AI score 7.4 | EPSS 0.62678
Exploits: 1 | References: 6