68 matches found
CVE-2024-54934
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteclass.php...
SourceCodester Best House Rental Management System SQL注入漏洞
SourceCodester Best House Rental Management System is a house rental management system from SourceCodester. A SQL injection vulnerability exists in SourceCodester Best House Rental Management System version 1.0, which is caused by SQL injection of the parameters firstname/lastname/email...
WordPress Plugin Easy Form Builder SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Easy Form Builder is...
Library Management System SQL Injection Vulnerability
Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A SQL injection vulnerability exists in Library Management System version 2.0, which stems from the presence of a SQL injection vulnerabilit...
CVE-2023-50857
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...
CVE-2023-32128
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in a...
PT-2023-15300 · Online Ada · Accessibility Suite
Name of the Vulnerable Software and Affected Versions: Accessibility Suite by Online ADA versions 4.11 through 4.12 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
Engineers Online Portal SQL Injection Vulnerability
Engineers Online Portal is open source an online portal . It is developed using PHP, MySQL database, HTML, CSS, Javascript, jQuery, Ajax, Bootstrap and some other libraries. Engineers Online Portal suffers from a SQL injection vulnerability that stems from manipulation of the id parameter that...
PT-2023-28755 · Phpjabbers · Phpjabbers Php Shopping Cart
Name of the Vulnerable Software and Affected Versions: Phpjabbers PHP Shopping Cart version 4.2 Description: The issue is related to SQL Injection via the id parameter. This allows for potential exploitation. No information is provided about the estimated number of potentially affected devices...
Online Travel Agency System SQL注入漏洞
Online Travel Agency System is an online travel agency system by Qaseem Hilal Personal Developer. A security vulnerability exists in Online Travel Agency System version v.1.0, which can be exploited to execute arbitrary code from the id parameter of the dailyexpenditureedit.php file...
PHPJabbers Document Creator SQL Injection Vulnerability
PHPJabbers Document Creator is a PHPJabbers open source document creator. A security vulnerability exists in PHPJabbers Document Creator v1.0, which stems from an SQL injection in the column parameter of ndex.php...
SEMCMS SQL注入漏洞
SEMCMS is a foreign trade web content management system CMS that supports multiple languages. SEMCMS version 1.5 suffers from a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in the parameter id of /AntSuxin.php, which can be exploited b...
WordPress plugin Elementor Website Builder SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...
pontifex.http SQL注入漏洞
pontifex.http is an application by Andrew Personal Developer. An SQL injection vulnerability exists in pontifex.http, which originates from unknown code in the file lib/Http.coffee and operates to cause SQL injection...
Aruba Networks EdgeConnect Enterprise Orchestrator SQL注入漏洞
Aruba Networks EdgeConnect Enterprise Orchestrator is a centralized SD-WAN management solution from Aruba Networks, Inc. It provides optimization, management, automation, and real-time visibility and monitoring features for enterprise users. A security vulnerability exists in Aruba Networks...
JeecgBoot Jeecg-Boot SQL注入漏洞
Jeecg-Boot is a code generator based low-code platform from the JeecgBoot community. JeecgBoot A security vulnerability exists in Jeecg-Boot version v3.4.3, which stems from the discovery of a contained SQL injection vulnerability via component /sys/dict/queryTableData...
Automotive Shop Management System SQL注入漏洞
Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability that originates from /asms/admin/?page=user/manageuser&id=Lack of validation of externally entered...
WordPress plugin WordPress Classifieds Plugin SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
The vulnerability of the index.php implementation in the Metinfo CMS system allows a perpetrator to execute arbitrary SQL code.
The vulnerability of the index.php script implementation in the Metinfo CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
CVE-2022-22980
A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized...