8282 matches found
CVE-2022-29059
An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 in FortiWeb version 7.0.1 and below, 6.4.2 and below, 6.3.20 and below, 6.2.7 and below may allow a privileged attacker to execute SQL commands over the log database via specifically crafted...
LogicalDOC SQL注入漏洞
LogicalDOC is the United States LogicalDOC company a set of document management system developed using Java technology. The system has features such as Lucene full-text search indexing and automatic import. A security vulnerability exists in LogicalDOC that stems from the login function containin...
Restaurant Table Booking System username/mobileno Parameter SQL Injection Vulnerability
Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter username/mobileno in the...
Restaurant Table Booking System /admin/check_availability.php File SQL Injection Vulnerability
Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that originates from an incorrect operation of the parameter username in the /admin/checkavailability.php file, which can lead to SQL injection. An...
CVE-2025-2132
A vulnerability classified as critical has been found in ftcms 2.1. Affected is an unknown function of the file /admin/index.php/web/ajaxalllists of the component Search. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has be...
AT Software Solutions ATSVD 注入漏洞
AT Software Solutions ATSVD is an application from the Brazilian company AT Software Solutions. An injection vulnerability exists in AT Software Solutions ATSVD version 3.4.1 and earlier, which stems from an incorrect manipulation of the parameter txtCPF that can lead to SQL injection...
ftcms 注入漏洞
ftcms is a content management system from ftcms Inc. An injection vulnerability exists in ftcms version 2.1, which stems from the fact that incorrect manipulation of the parameter name can lead to SQL injection...
WordPress School Management System for Wordpress plugin <= 92.0.0 - Authenticated (Subscriber+) SQL Injection via 'mj_smgt_show_event_task' vulnerability
Authenticated Subscriber+ SQL Injection via 'mjsmgtshoweventtask' vulnerability discovered by shaman0x01 in WordPress Plugin School Management versions = 92.0.0...
Projectworlds Life Insurance Management System 注入漏洞
Projectworlds Life Insurance Management System is a life insurance management system from Projectworlds India. An injection vulnerability exists in Projectworlds Life Insurance Management System version 1.0, which stems from improper manipulation of the reciptno parameter and can lead to SQL...
Projectworlds Life Insurance Management System 注入漏洞
Projectworlds Life Insurance Management System is a life insurance management system from Projectworlds India. An injection vulnerability exists in Projectworlds Life Insurance Management System version 1.0, which stems from improper manipulation of the key parameter and could lead to an SQL...
PHPGurukul Emergency Ambulance Hiring Portal 注入漏洞
Emergency Ambulance Hiring Portal is an emergency ambulance hiring portal. Emergency Ambulance Hiring Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the contactnumber parameter of the /admin/admin-profile.php file. An...
CVE-2024-13147
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Merkur Software B2B Login Panel allows SQL Injection. This issue affects B2B Login Panel: before 15.01.2025...
CVE-2024-12097
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Boceksoft Informatics E-Travel allows SQL Injection. This issue affects E-Travel: before 15.12.2024...
Boceksoft Informatics E-Travel SQL注入漏洞
Boceksoft Informatics E-Travel is an application from Boceksoft. A SQL injection vulnerability exists in Boceksoft Informatics E-Travel versions prior to 15.12.2024, which stems from the presence of SQL injection...
WordPress plugin Hero Mega Menu SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
The vulnerability of the IBM Engineering Lifecycle Optimization - Publishing software lies in the lack of protective measures for the SQL query structure, allowing attackers to gain unauthorized access to protected information.
The vulnerability of IBM Engineering Lifecycle Optimization - Publishing software relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
PHPGurukul Human Metapneumovirus Testing Management System 注入漏洞
Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. Human Metapneumovirus Testing Management System is vulnerable to a SQL injection vulnerability that affects the username parameter in the /login.php file. No details of the vulnerability are...
Wind Media E-Commerce Website Template SQL注入漏洞
Wind Media E-Commerce Website Template is an e-commerce template from Wind Media, Inc. A SQL injection vulnerability exists in Wind Media E-Commerce Website Template versions prior to v1.5, which stems from susceptibility to SQL injection attacks...
PHPGurukul Restaurant Table Booking System 注入漏洞
Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that stems from incorrect manipulation of the searchdata parameter in the /search-result.php file that can lead to SQL injection. No details of the...
Codezips Online Shopping Website 安全漏洞
Codezips Online Shopping Website is a Codezips open source online store system. A security vulnerability exists in Codezips Online Shopping Website version 1.0, which stems from an incorrect manipulation of the parameter id that can lead to SQL injection...