8283 matches found
dingfanzu 安全漏洞
dingfanzu is a php based takeaway ordering website. A SQL injection vulnerability exists in dingfanzu v1.0, which stems from the application's lack of validation of externally entered SQL statements. A local attacker can exploit this vulnerability to execute arbitrary code via the contents of the...
WordPress plugin Neon Product Designer SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
PT-2025-4754 · Unknown · Dingfanzu Cms
Name of the Vulnerable Software and Affected Versions: dingfanzuCMS version 1.0 Description: The issue allows a local attacker to execute arbitrary code due to incorrect filtering of content at the checkOrder.php shopId module. This enables the attacker to perform SQL injection attacks...
DDSN Interactive cm3 Acora CMS 安全漏洞
DDSN Interactive cm3 Acora CMS is an enterprise web and mobile CMS from DDSN Interactive. A security vulnerability exists in DDSN Interactive cm3 Acora CMS version 10.1.1 that stems from the presence of a SQL injection vulnerability that allows an attacker to execute arbitrary code via the table...
CVE-2024-35275
A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, FortiManager version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests...
CVE-2023-37931
An improper neutralization of special elements used in an sql command 'sql injection' vulnerability CWE-88 in FortiVoice Entreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to perform a blind sql injection attack via sending crafted HTTP or HTTPS requests...
DEBIAN-CVE-2024-57644
An issue in the itchashcompare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57623
An issue in the HEAPmalloc component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57622
An issue in the expbin component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
UBUNTU-CVE-2024-57653
An issue in the qstvecsetcopy component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
UBUNTU-CVE-2024-57647
An issue in the rowinsertcast component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
UBUNTU-CVE-2024-57655
An issue in the dfeninorder component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
UBUNTU-CVE-2024-57646
An issue in the psiginfo component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
PT-2025-3522 · Openlink +1 · Openlink Virtuoso-Opensource +1
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.11 Description: The issue in the dfe n in order component of openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS via crafted SQL statements. Recommendations: For openlink...
Fortinet FortiPortal SQL注入漏洞
Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. Fortinet FortiPortal suffers from a SQL injection vulnerability that stems from improper...
Fortinet FortiWeb SQL注入漏洞
Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, and other attacks to secure web applications and protect sensitive database content. A SQL injection vulnerability exists in...
PT-2025-3485 · Monetdb · Monetdb Server
Name of the Vulnerable Software and Affected Versions: MonetDB Server version 11.47.11 Description: An issue in the bind col exp component allows attackers to cause a Denial of Service DoS via crafted SQL statements. Recommendations: For MonetDB Server version 11.47.11, consider disabling the bin...
CVE-2023-42244
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...
CVE-2023-42243
In Selesta Visual Access Manager 4.42.2, an authenticated user can access the administrative page /common/vamSql.php, which allows for arbitrary SQL queries...
CVE-2025-0410
A vulnerability classified as critical was found in liujianview gymxmjpa 1.0. This vulnerability affects the function MenberDaoInpl of the file src/main/java/com/liujian/gymxmjpa/controller/MenberConntroller.java. The manipulation of the argument hyname leads to sql injection. The attack can be...