8289 matches found
CVE-2024-12794
A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to SQL injection. It is possible to initiate the attack remotely. The exploit...
CVE-2024-10244
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ISDO Software Web Software allows SQL Injection. This issue affects Web Software: before 3.6...
1000 Projects Attendance Tracking Management System Injection Vulnerability
1000 Projects Attendance Tracking Management System is an open source attendance management system from 1000 Projects. An injection vulnerability exists in 1000 Projects Attendance Tracking Management System version 1.0, which originates from an SQL injection vulnerability in the studentemailid...
PT-2024-17738 · Unknown · Codezips Technical Discussion Forum
Name of the Vulnerable Software and Affected Versions: Codezips Technical Discussion Forum version 1.0 Description: A critical issue affects some unknown functionality of the file signinpost.php. The manipulation of the username argument leads to SQL injection. The attack may be launched remotely...
PT-2024-17734
Name of the Vulnerable Software and Affected Versions: itsourcecode Vehicle Management System version 1.0 Description: A critical issue has been found in the itsourcecode Vehicle Management System, affecting an unknown function of the file editbill.php. The manipulation of the id argument leads to...
PT-2024-17343 · WordPress · The Travel Booking WordPress Theme
Name of the Vulnerable Software and Affected Versions: The Travel Booking WordPress Theme versions up to, and including, 3.1.6 Description: The issue is a blind time-based SQL Injection vulnerability. It affects the order id parameter due to insufficient escaping on the user-supplied parameter an...
CVE-2024-8972
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mobil365 Informatics Saha365 App allows SQL Injection. This issue affects Saha365 App: before 30.09.2024...
Mobil365 Informatics Saha365 SQL Injection Vulnerability
Mobil365 Informatics Saha365 is an application from Mobil365 Informatics, Inc. Mobil365 Informatics Saha365 suffers from a SQL injection vulnerability that stems from an improper neutralization of a special element...
PT-2024-39346 · Unknown · Saha365 App
Name of the Vulnerable Software and Affected Versions: Saha365 App versions prior to 30.09.2024 Description: The issue is related to the improper neutralization of special elements used in an SQL command, allowing SQL injection. This problem affects the Saha365 App. Recommendations: For versions...
WordPress plugin Mimoos SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
WordPress plugin Code Generator Pro SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
WordPress plugin WP Simple Pay Lite Manager SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
The vulnerability of the WhatsUp Gold network infrastructure monitoring system lies in the lack of protective measures for the SQL query structure, allowing attackers to gain unauthorized access to user data.
The vulnerability of the WhatsUp Gold network infrastructure monitoring system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to user accounts...
The vulnerability in the web interface of the Cisco Secure Firewall Management Center software for network administration allows a perpetrator to execute arbitrary SQL code.
The vulnerability of the web interface for managing Cisco Secure Firewall Management Center software (formerly known as Cisco Firepower Management Center) is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute...
WordPress plugin Instant Appointment SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
PT-2024-36639 · Unknown · Serviceonline Service
Name of the Vulnerable Software and Affected Versions: serviceonline Service versions n/a through 1.0.4 Description: The issue is related to an 'SQL Injection' vulnerability, specifically improper neutralization of special elements used in an SQL command, allowing Blind SQL Injection. This proble...
Online Nurse Hiring System Security Vulnerability
PHPGurukul Online Nurse Hiring System is an online nurse hiring system from PHPGurukul. A security vulnerability exists in Online Nurse Hiring System version v1.0, which stems from an SQL injection vulnerability found in the component /admin/profile.php via the fullname parameter...
PT-2024-36624 · Unknown · Etemplates
Name of the Vulnerable Software and Affected Versions: eTemplates versions 0.2.1 and earlier Description: The issue is related to the improper neutralization of special elements used in an SQL command, allowing SQL injection. This problem can be exploited to inject SQL code, potentially leading t...
PT-2024-36628 · Unknown · Site Intel
Name of the Vulnerable Software and Affected Versions: Critical Site Intel versions n/a through 1.0 Description: The issue is related to an improper neutralization of special elements used in an SQL command, also known as 'SQL Injection'. This allows for SQL Injection, which can be exploited...
WordPress Service plugin <= 1.0.4 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Service versions <= 1.0.4...