8274 matches found
yubiserver Security Vulnerability
yubiserver is an open-source one-time password authentication server. A security vulnerability exists in versions of yubiserver prior to 0.6, which stems from vulnerability to SQL injection attacks and may lead to authentication bypass...
PHPGurukul Dairy Farm Shop Management System Security Vulnerability
Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. Dairy Farm Shop Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in manage-companies.php. No details of the vulnerability...
OpenNMS Horizon Security Vulnerability
OpenNMS Horizon is an open source solution from OpenNMS, Inc. that helps you visualize and monitor everything on your local and remote networks. A security vulnerability exists in OpenNMS Horizon that stems from improper neutralization of special elements in SQL commands, which could lead to SQL...
CVE-2024-27685
SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote attacker to obtain sensitive information via a crafted payload to the $cshortname, $cfullname, and $cdate variables...
SQL Injection Vulnerability in ERP System of Shenzhen Mingyuan Cloud Technology Co.
The ERP system is a comprehensive information management platform that integrates the functions of housing, customers, sales, finance and human resources. ERP system of Shenzhen Mingyuan Cloud Technology Co., Ltd. suffers from SQL injection vulnerability, which can be exploited by attackers to...
Code-Projects Inventory Management System Injection Vulnerability
Inventory Management System is an inventory management system. Inventory Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter brandStatus of file /phpaction/createBrand.php. An attacker can...
itsourcecode Employee Management System Injection Vulnerability
itsourcecode Employee Management System is an open-source employee management system from itsourcecode. An injection vulnerability exists in itsourcecode Employee Management System version 1.0, which stems from improper handling of the parameter FirstName in the file /admin/editempprofile.php, which can...
The vulnerability of the customerview.php file in the tailoring management system allows a hacker to execute arbitrary SQL code.
The vulnerability of the customerview.php file in the tailoring management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary SQL code...
CVE-2025-49853
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL injections which could allow an attacker to leak arbitrary information and insert arbitrary SQL syntax into SQL queries...
WordPress GG Bought Together for WooCommerce plugin <= 1.0.2 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by ch4r0n in WordPress Plugin GG Bought Together for WooCommerce versions <= 1.0.2...
novel-plus Security Vulnerability
novel-plus is novel reading software by individual developer xxy. A security vulnerability exists in novel-plus 5.1.3 and earlier versions, which stems from the mishandling of the parameter sort/order in the user management module, which may lead to an SQL injection attack...
Control iD iDSecure On-premises Injection Vulnerability
Control iD iDSecure On-premises is an access control software from Control iD, a Brazilian company, used to manage personnel and vehicle access. A SQL injection vulnerability exists in Control iD iDSecure On-premises version 4.7.48.0 and prior versions, which originates from SQL injection and cou...
Code-Projects Inventory Management System Security Vulnerability
Inventory Management System is an inventory management system. Inventory Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the userid parameter in the /phpaction/changePassword.php file against an externally entered SQL statement. An...
Nipah virus Testing Management System /bwdates-report-ds.php file SQL Injection Vulnerability
Nipah Virus Testing Management System is an online virus diagnostic platform. Nipah Virus Testing Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the testtype parameter of the /bwdates-report-ds.php fil...
SQL Injection Vulnerability in Changjitong T+ of Changjitong Information Technology Co. Ltd (CNVD-2025-17850)
T+ is a dynamic, intelligent and fashionable Internet management software, mainly for small and medium-sized industrial, trade and commerce enterprises with integrated financial and business applications, incorporating elements of socialization, mobility, Internet of Things, e-commerce and Intern...
SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Shenzhou Vision Han Technology Co., Ltd (CNVD-2025-17836)
Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...
Code-Projects Inventory Management System Security Vulnerability
Inventory Management System is an inventory management system. Inventory Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the editCategoriesName parameter in the /phpaction/editCategories.php file for externally entered SQL statements. An...
CVE-2025-6456
A vulnerability, which was classified as critical, has been found in code-projects Online Hotel Reservation System 1.0. Affected by this issue is some unknown functionality of the file /reservation/order.php. The manipulation of the argument Start leads to sql injection. The attack may be launche...
CVE-2025-6451
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/deletepending.php. The manipulation of the argument transactionid leads to sql injection. The attack can be initiated...
Code-Projects Simple Pizza Ordering System Injection Vulnerability
Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter textfield in the file /addcatexec.php. An attacker can exploit...