8281 matches found
Clinic's Patient Management System SQL Injection Vulnerability
Clinic's Patient Management System is a patient management system for a clinic in Carlo Montero. A security vulnerability exists in Clinic's Patient Management System version 2.0, which originates from a SQL injection vulnerability on the login page...
PT-2025-37310
Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.30 Description The Chamilo learning management system has an OS Command Injection issue. This occurs due to a failure to neutralize special elements used in the operating system command. Successful exploitation...
PT-2025-35788
Name of the Vulnerable Software and Affected Versions Chamilo LMS versions prior to 1.11.30 Description The Chamilo LMS system has an issue due to inadequate validation of XML object sequences. Successful exploitation could allow a remote attacker to execute arbitrary SQL queries. The application...
WordPress plugin Advanced WooCommerce Product Sales Reporting SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One SQL Injection Vulnerability
WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Ai Auto Tool Content Writing Assistant Gemini...
WordPress plugin XV Random Quotes SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
The vulnerability of the CLI component of the Fortinet FortiManager device management software and the FortiAnalyzer and FortiAnalyzer-BigData security event monitoring and analysis tools allows an attacker to execute arbitrary commands or code.
The vulnerability of the CLI component of the Fortinet FortiManager device management software, as well as the FortiAnalyzer and FortiAnalyzer-BigData security event monitoring and analysis tools, is related to the lack of protective measures for the SQL query structure. Exploiting this...
The vulnerability of the itc_sample_row_check component in the Virtuoso-OpenSource web application development platform allows a hacker to trigger a service failure.
The vulnerability of the itc_sample_row_check component in the Virtuoso-OpenSource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability allows an attacker to cause service interruptions by sending speciall...
The vulnerability of the itc_set_param_row component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the itc_set_param_row component in the Virtuoso-OpenSource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially...
The vulnerability of the qst_vec_set component in the virtuoso-opensource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the qst_vec_set component in the virtuoso-opensource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted...
The vulnerability of the row_insert_cast component in the virtuoso-opensource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the row_insert_cast component in the virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted...
PiExtract SOOP-CLM SQL Injection Vulnerability
PiExtract SOOP-CLM is a cost-effective enterprise-level centralized log management solution from China Xinyan PiExtract. A SQL injection vulnerability exists in PiExtract SOOP-CLM versions v5.1.0 through v5.3.0, which stems from an SQL injection that could result in reading, modifying, and deleti...
The vulnerability of the sqlo_expand_jts component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the sqlo_expand_jts component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted...
The vulnerability of the qst_vec_set_copy component in the Virtuoso-OpenSource web application development platform allows a hacker to trigger a service failure.
The vulnerability of the qst_vec_set_copy component in the Virtuoso-OpenSource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted...
The vulnerability of the dfe_unit_gb_dependant component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the dfe_unit_gb_dependant component in the virtuoso-opensource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability allows an attacker to cause service interruptions by sending special...
The vulnerability of the sql_tree_hash_1 component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the sql_tree_hash_1 component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially...
WordPress Slider by BestWebSoft plugin <= 1.1.0 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by domiee13 in WordPress Plugin Slider by BestWebSoft versions <= 1.1.0...
Bank Locker Management System profile.php file SQL Injection Vulnerability
Bank Locker Management System is a bank locker management system. Bank Locker Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the profile.php file's parameter mobilenumber. An attacker can exploit this...
Bank Locker Management System changeidproof.php File SQL Injection Vulnerability
Bank Locker Management System is a bank locker management system. Bank Locker Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the editid parameter of the changeidproof.php file. An attacker can exploit thi...
WordPress JS Help Desk plugin <= 2.9.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin JS Help Desk versions <= 2.9.2...