USN-7530-1 libphp-adodb vulnerability

It was discovered that ADOdb incorrectly handled SQL input. A remote attacker could use this issue to execute arbitrary SQL commands...

The vulnerability of the ImportCertificate method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the ImportCertificate method in software for managing and monitoring remote devices in telemetry and telemechanics systems related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

The vulnerability of the UnlockTraceLevelSettings method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, allowing a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the UnlockTraceLevelSettings method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass...

The vulnerability of the UpdateProject method in the software for managing and monitoring removed objects in telemetry and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the UpdateProject method in software for managing and monitoring removed objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

The vulnerability of the UnlockGateway method in the software for managing and monitoring remote devices in telemetering and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the UnlockGateway method in software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

The vulnerability of the GetLogs method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems of the TeleControl Server Basic allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the GetLogs method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

CVE-2025-5298

A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/betweendates-detailsreports.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch th...

CampCodes Online Hospital Management System 安全漏洞

CampCodes Online Hospital Management System is an online hospital management system from CampCodes, Inc. A security vulnerability exists in CampCodes Online Hospital Management System version 1.0, which is caused by a SQL injection due to an incorrect manipulation of the parameter adminremark in...

CampCodes Online Hospital Management System 注入漏洞

CampCodes Online Hospital Management System is an online hospital management system from CampCodes, Inc. An injection vulnerability exists in CampCodes Online Hospital Management System version 1.0, which originates from a SQL injection due to an incorrect operation of the Doctorspecialization...

PHPGurukul News Portal Project 注入漏洞

News Portal Project is a news portal project. News Portal Project suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements for the parameter Category in the file /admin/edit-subcategory.php. An attacker can exploit this...

llisoft MTA Maita Training System 注入漏洞

The llisoft MTA Maita Training System is a training system from China Dongke llisoft. An injection vulnerability exists in version 4.5 of the llisoft MTA Maita Training System, which results from an SQL injection due to the operation of the parameter stTypeIds...

Realce Tecnologia Queue Ticket Kiosk 注入漏洞

Realce Tecnologia Queue Ticket Kiosk is a queue management software from Realce Tecnologia. An injection vulnerability exists in Realce Tecnologia Queue Ticket Kiosk 20250517 and earlier versions, which stems from a parameter Usuário operation that results in SQL injection...

Tcman Gim SQL注入漏洞

Tcman Gim is a facility management software from the Spanish company Tcman designed for use on mobile devices. A SQL injection vulnerability exists in Tcman Gim version v11, which stems from an incorrect manipulation of the parameter ArbolID in the file /GIMWeb/PC/frmPreventivosList.aspx resultin...

The vulnerability of the Quiz Maker plugin of the WordPress content management system, related to the failure to protect the SQL query structure, allows attackers to execute arbitrary SQL code.

The vulnerability of the Quiz Maker plugin of the WordPress content management system is related to the lack of protection for the SQL query structure when processing the id parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

The vulnerability of software for managing traffic in hybrid and multi-cloud environments, such as VMware Avi Load Balancer, stems from insufficient measures taken to protect the SQL query structure. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the software for managing traffic in hybrid and multi-cloud environments of VMware Avi Load Balancer is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized acce...

CVE-2024-51103

PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/password-recovery.php via the emailid and id parameters...

CVE-2025-36527

Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection while exporting reports...

CVE-2024-37843

Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint...

CVE-2024-3252

A vulnerability classified as critical has been found in SourceCodester Internship Portal Management System 1.0. This affects an unknown part of the file admin/checkadmin.php. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely...

CVE-2024-1576

SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator password. This issue affects MegaBIP software versions through 5.09...