8282 matches found
PHPGurukul Art Gallery Management System 注入漏洞
Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter eid of art-enquiry.php. An attacker can exploit this...
CVE-2025-2608
A vulnerability classified as critical has been found in PHPGurukul Banquet Booking System 1.2. This affects an unknown part of the file /admin/view-user-queries.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...
EBM Technologies EBM Maintenance Center SQL注入漏洞
EBM Technologies EBM Maintenance Center is a maintenance center platform from China-based EBM Technologies EBM Technologies. A SQL injection vulnerability exists in EBM Technologies EBM Maintenance Center versions prior to 25.04.31435, which stems from an SQL injection that could lead to a remote...
DB-GPT SQL注入漏洞
DB-GPT is an AWEL and agent-based AI native data application development framework open-sourced by eosphoros. DB-GPT version v0.6.0 suffers from a SQL injection vulnerability that originates from the web API POST /api/v1/editor/sql/run allows execution of arbitrary SQL queries, which can be...
LlamaIndex SQL注入漏洞
LlamaIndex is a data framework for LLM applications from LlamaIndex open source. A SQL injection vulnerability exists in LlamaIndex v0.12.3 and earlier versions, which stems from an unvalidated SQL query and could lead to a SQL injection attack...
LlamaIndex SQL注入漏洞
LlamaIndex is a data framework for LLM applications open-sourced by LlamaIndex. LlamaIndex suffers from a SQL injection vulnerability that stems from improperly constructed SQL queries, which could lead to SQL injection attacks...
DESCOR INFOCAD 安全漏洞
DESCOR INFOCAD is a software for BIM and facilities management from DESCOR Inc. It is used for integrated management of building information modeling and facilities. A security vulnerability exists in DESCOR INFOCAD 3.5.1 and prior versions that originates from SQL injection...
Vanna SQL注入漏洞
Vanna is a personalized AI SQL agent from Vanna. A SQL injection vulnerability exists in Vanna version v0.6.2. An attacker can execute arbitrary SQL commands by exploiting this vulnerability...
Human Metapneumovirus Testing Management System /password-recovery.php File SQL Injection Vulnerability
Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. A SQL injection vulnerability exists in the Human Metapneumovirus Testing Management System due to a lack of validation of an externally-entered SQL statement in the parameter username in the...
Doctor Appointment Management System /doctor/search.php File SQL Injection Vulnerability
Doctor Appointment Management System is a doctor appointment management system. Doctor Appointment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the searchdata parameter of file /doctor/search.php. An...
Vestel EVC04 Configuration Interface SQL注入漏洞
Vestel EVC04 Configuration Interface is an application from Vestel, Inc. Vestel EVC04 Configuration Interface versions 18.03.2025 and earlier have a SQL injection vulnerability that stems from improper neutralization of special elements in SQL commands, which can lead to SQL injection...
CVE-2025-2384
A vulnerability, which was classified as critical, was found in code-projects Real Estate Property Management System 1.0. This affects an unknown part of the file /InsertCustomer.php of the component Parameter Handler. The manipulation of the argument...
CVE-2025-2372
A vulnerability classified as critical has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This affects an unknown part of the file /password-recovery.php of the component Password Recovery Page. The manipulation of the argument username leads to sql injection. It is...
PHPGurukul Apartment Visitors Management System 安全漏洞
Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a SQL injection vulnerability that stems from the lack of validation of an externally entered SQL statement for the parameter username. An attacker can exploit this...
Code-Projects Blood Bank Management System 注入漏洞
Code-Projects Blood Bank Management System is an open source blood bank management system from Code-Projects. An injection vulnerability exists in Code-Projects Blood Bank Management System version 1.0, which originates from an SQL injection...
Mingyuan Cloud Real Estate ERP System 注入漏洞
Mingyuan Cloud Real Estate ERP System is a real estate business management software from China-based Mingyuan Cloud. An injection vulnerability exists in Mingyuan Cloud Real Estate ERP System version 1.0, which originates from SQL injection and could allow a remote attacker to obtain, update, and...
The vulnerability of the FortiWeb web applications’ network interface filter component allows attackers to execute arbitrary commands.
The vulnerability of the log removal filter component in FortiWeb web applications is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary commands...
Code-Projects Online Class and Exam Scheduling System 注入漏洞
Code-Projects Online Class and Exam Scheduling System is an online class and exam scheduling system from Code-Projects open source. An injection vulnerability exists in Code-Projects Online Class and Exam Scheduling System version 1.0, which stems from an incorrect manipulation of the parameter i...
Code-Projects Online Class and Exam Scheduling System 安全漏洞
Code-Projects Online Class and Exam Scheduling System is an online class and exam scheduling system from Code-Projects open source. A security vulnerability exists in Code-Projects Online Class and Exam Scheduling System version 1.0, which stems from an incorrect manipulation of the parameters...
PHPGurukul Human Metapneumovirus Testing Management System 注入漏洞
Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. A SQL injection vulnerability exists in the Human Metapneumovirus Testing Management System due to a lack of validation of an externally-entered SQL statement in the parameter username in the...