MB Connect Line mbNET.mini 注入漏洞

The mbNET.mini from MB CONNECT LINE is an industrial router designed for industrial scenarios and is primarily used to enable secure remote connections to machines and systems. MB CONNECT LINE mbNET.mini suffers from a SQL injection vulnerability that stems from improper neutralization of special...

One Identity OneLogin SQL注入漏洞

One Identity OneLogin is an identity and access management software from US-based One Identity. An SQL injection vulnerability exists in One Identity OneLogin versions prior to 2025.2.0, which stems from an improperly set SQL connection application name that could lead to information disclosure...

Online Appointment Booking System ulocateus.php File SQL Injection Vulnerability

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that stems from an error in the parameter doctorname in the file /ulocateus.php that lacks validation of externally entered SQL statements. An...

Online Appointment Booking System get_town.php File SQL Injection Vulnerability

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that stems from an error in the parameter countryid in file /gettown.php that lacks validation of an externally entered SQL statement. An attacke...

Joomcar Extensions Articles Good Search SQL注入漏洞

Joomcar Extensions Articles Good Search is a Joomla plugin from Joomcar Extensions, Inc. A SQL injection vulnerability exists in Joomcar Extensions Articles Good Search versions 1.0.0 through 1.2.4.0011, which stems from vulnerability to SQL injection attacks...

StudentManage 安全漏洞

StudentManage is a student management system by DayCloud Individual Developer in China. A security vulnerability exists in StudentManage version 1.0, which stems from improper handling of the component /admin/adminStudentUrl, which could lead to an SQL injection attack...

Joomcar Extensions Articles Calendar 注入漏洞

Joomcar Extensions Articles Calendar is a Joomla plugin from Joomcar Extensions. A SQL injection vulnerability exists in Joomcar Extensions Articles Calendar versions 1.0.0 through 1.0.1.0007, which stems from vulnerability to SQL injection attacks...

Online Appointment Booking System getDay.php File SQL Injection Vulnerability

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that stems from an error in the parameter cidval in the file /getDay.php that lacks validation of externally entered SQL statements. The...

CVE-2025-7765

A vulnerability classified as critical was found in code-projects Online Appointment Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addmanagerclinic.php. The manipulation of the argument clinic leads to sql injection. The attack can be launched...

CVE-2025-25257

An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execu...

U.S. Dept Of Defense: SQL Injection - JSON 'name' parameter

A SQL injection vulnerability was discovered in the 'name' parameter of the website. The vulnerability allowed manipulation of SQL queries executed by the backend database. The original request containing the vulnerable parameter was provided...

Highsun OA 安全漏洞

Highsun OA is an office collaboration software from China's Haichang Information Highsun Company. A security vulnerability exists in Highsun OA version v.1.0.0, which originates from a SQL injection vulnerability in the if parameter in hcit.project.rte.agents.UploadImages.class, which could lead ...

Code-Projects Online Appointment Booking System 安全漏洞

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System has a SQL injection vulnerability that originates from improper handling of the parameter clinic in the file /admin/adddoctorclinic.php, which can be exploited by an attacker to access...

Code-Projects Online Appointment Booking System 注入漏洞

Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that originates from improper handling of the parameter did in the file /admin/deletedoctor.php, which can be exploited by an attacker to inject...

Fortinet FortiWeb SQL注入漏洞

Fortinet FortiWeb is a Web application layer firewall from Fiat Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures Web applications and protects sensitive database content. A SQL injection vulnerability exists in...

WordPress plugin WP Pipes SQL注入漏洞

WordPress WP Pipes is an auto-collection plugin for WordPress, mainly used to merge the content of multiple RSS feeds into a new RSS feed, and supports regular updates and customized filtering features. WordPress WP Pipes suffers from a SQL injection vulnerability that stems from improper handlin...

WeGIA SQL注入漏洞

WeGIA is a web manager for welfare organizations. WeGIA suffers from an SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter cargo in the /controle/control.php endpoint. An attacker can exploit this vulnerability to execute illeg...

WordPress plugin Funnel Builder by FunnelKit SQL注入漏洞

WordPress Funnel Builder by FunnelKit plugin is a professional sales funnel builder plugin for WordPress platform, which is mainly used to optimize the WooCommerce shopping process and increase the conversion rate. The WordPress Funnel Builder by FunnelKit plugin suffers from a SQL injection...

WordPress plugin Pakke Envíos 注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. WordPress Pakke Envíos suffers from a SQL injection vulnerability that stems from improper neutralization of special elements in SQL commands, no details of the vulnerabili...

Advantech iView SQL Injection Vulnerability (CNVD-2025-17830)

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. An SQL injection vulnerability exists in Advantech iView, which can be exploited by an attacker to perform SQL injection and execute code in the context of the 'nt...