8273 matches found
Vulnerability of the NetworkServlet.archiveTrapRange() function in the system for centrally managing network devices and ports of Advantech iView. This vulnerability allows an attacker to execute arbitrary code.
The vulnerability of the NetworkServlet.archiveTrapRange function in the system for managing network devices and ports of Advantech iView is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
Bayraktar Solar Energies ScadaWatt Otopilot SQL Injection Vulnerability
Bayraktar Solar Energies ScadaWatt Otopilot is a solar power system monitoring and automation control product from Bayraktar Solar Energies, Turkey. A SQL injection vulnerability exists in Bayraktar Solar Energies ScadaWatt Otopilot, which stems from improper neutralization of a special element a...
The vulnerability of the network management system for monitoring industrial networks in Siemens SINEC NMS lies in the lack of measures taken to protect the SQL query structure. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Siemens SINEC NMS network management system for monitoring industrial networks is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibili...
WordPress Torod SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. WordPress Torod suffers from a SQL injection vulnerability that stems from improper handling of special elements of SQL commands, which can be exploited by an attacker to...
WordPress WP Pipes SQL Injection Vulnerability
WordPress WP Pipes is an auto-collection plugin for WordPress, mainly used to merge the content of multiple RSS feeds into a new RSS feed, and supports regular updates and customized filtering features. WordPress WP Pipes suffers from a SQL injection vulnerability that stems from improper handlin...
DJ-Extensions DJ-Flyer SQL Injection Vulnerability
DJ-Extensions DJ-Flyer is a showcase project or service profile extension from DJ-Extensions, Inc. A SQL injection vulnerability exists in DJ-Extensions DJ-Flyer versions 1.0-3.2, which stems from a SQL injection vulnerability that could lead to the execution of arbitrary SQL commands...
DB-GPT SQL Injection Vulnerability
DB-GPT is an AWEL and agent-based AI native data application development framework open-sourced by eosphoros. A security vulnerability exists in DB-GPT version 0.7.0, which stems from editorsqlrun and queryex being susceptible to SQL injection attacks that could lead to the execution of arbitrary...
Joomla JS Jobs 1.4.2 SQL Injection
Joomla JS Jobs plugin version 1.4.2 suffers from a remote SQL injection vulnerability. Exploit Title: Joomla JS Jobs plugin 1.4.2 - SQL injection; Google Dork: n/a; Date: 07/07/2025; Exploit Author: Adam Wallwork; Vendor Homepage: https://joomsky.com/; Demo: https://demo.joomsky.com/js-jobs/jm/free/...
CVE-2025-7933
A vulnerability classified as critical was found in Campcodes Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /pages/settingsupdate.php of the component Setting Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated...
Mobile Shop login.php file SQL Injection Vulnerability
Mobile Shop is a mobile store. Mobile Shop suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter email in the file /login.php. The vulnerability can be exploited by an attacker to execute illegal SQL commands to...
Library System add-student.php File SQL Injection Vulnerability
Library System is a library system. The Library System suffers from a SQL injection vulnerability that stems from the lack of validation of the parameter Username in the file /add-student.php for externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL...
Hospital Management System view-medhistory.php File SQL Injection Vulnerability
Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter viewid in the file view-medhistory.php. An attack...
Voting System voters_row.php file SQL Injection Vulnerability
Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements for parameter ID in file /admin/votersrow.php. An attacker can exploit this vulnerability to execute illegal SQL commands ...
Crime Reporting System registration.php File SQL Injection Vulnerability
Crime Reporting System is a crime reporting system. Crime Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Name in the file /registration.php. An attacker can exploit this vulnerability to...
Zoo Management System /admin/add-animals.php File SQL Injection Vulnerability
Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cnum in the file /admin/add-animals.php. An attacker can exploit this vulnerability ...
WeGIA SQL Injection Vulnerability (CNVD-2025-17285)
WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the /WeGIA/html/socio/sistema/processadeletarsocio.php endpoint. An attacker could exploit this vulnerability to...
Chat System send_message.php File SQL Injection Vulnerability
Chat System is a chat system. Chat System suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter msg in the file /user/sendmessage.php. An attacker can exploit this vulnerability to execute illegal SQL commands...
Online Fire Reporting System assigned-requests.php File SQL Injection Vulnerability
Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter teamid in the file /admin/assigned-requests.php. An...
PHPGurukul Online Banquet Booking System Injection Vulnerability
Online Banquet Booking System is an online banquet booking system. Online Banquet Booking System is vulnerable to a SQL injection vulnerability that stems from the viewid parameter in the /admin/view-user-queries.php file not being security filtered. No details of the vulnerability are available ...
Sophos Firewall Security Vulnerability
Sophos Firewall is a firewall from Sophos UK. A security vulnerability exists in Sophos Firewall versions prior to 21.0 MR1, which stems from a SQL injection in WebAdmin that could lead to the execution of arbitrary code by an administrator...