8289 matches found
WordPress Share Buttons – Social Media plugin <= 1.0.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Share Buttons – Social Media versions <= 1.0.2...
WordPress TSB Occasion Editor plugin <= 1.2.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin TSB Occasion Editor versions <= 1.2.1...
Dell Avamar SQL Injection Vulnerability (CNVD-2025-18249)
Dell Avamar is a data backup and recovery software. A SQL injection vulnerability exists in Dell Avamar. The vulnerability stems from a lack of proper neutralization of specific elements used in SQL commands. An attacker could exploit the vulnerability to execute commands...
Online Class and Exam Scheduling System class_update.php File SQL Injection Vulnerability
Online Class and Exam Scheduling System is an online class and exam scheduling system. It suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the id parameter of the class_update.php page. ...
CVE-2024-54811
A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter...
wetech-cms Injection Vulnerability
wetech-cms is a content management system by Cheng Jinbao, an individual developer. An injection vulnerability exists in wetech-cms versions 1.0 to 1.2, which are prone to SQL injection attacks...
A vulnerability in the DeviceManager component of the Visteon Infotainment automotive application platform allows an attacker to execute arbitrary SQL code within the root context.
The vulnerability in the DeviceManager component of the Visteon Infotainment automotive application platform relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL code within the root context...
Code-Projects Online Class and Exam Scheduling System Security Vulnerability
Code-Projects Online Class and Exam Scheduling System is an online class and exam scheduling system from Code-Projects, Inc. A security vulnerability exists in Code-Projects Online Class and Exam Scheduling System version 1.0, which stems from a parameter id in the file /pages/subjectupdate.php...
PT-2024-16986 · WordPress · Sql Chart Builder
Name of the Vulnerable Software and Affected Versions: SQL Chart Builder plugin for WordPress versions up to, and including, 2.3.6 Description: The issue arises from insufficient escaping on the user-supplied arg1 parameter and lack of sufficient preparation on the existing SQL query in the gvn...
XWiki Platform Security Vulnerability
XWiki Platform is the XWiki open source suite of wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform versions 11.10.6 through 14.3-rc-1, which originates in getdocument.vm, where the order in which documents are returned is defined from th...
WordPress plugin AI Engine Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
code-projects Online Class and Exam Scheduling System Injection Vulnerability
Code-Projects Online Class and Exam Scheduling System is an online class and exam scheduling system from Code-Projects, Inc. An injection vulnerability exists in code-projects Online Class and Exam Scheduling System version 1.0, which stems from the parameter id of the file /pages/rankupdate.php...
wetech-cms Injection Vulnerability
wetech-cms is a content management system by Cheng Jinbao, an individual developer. An injection vulnerability exists in wetech-cms versions 1.0 to 1.2, which are prone to SQL injection attacks...
Image Access Scan2Net Security Vulnerability
Image Access Scan2Net is a scanning software from Image Access Germany. A security vulnerability exists in Image Access Scan2Net versions 7.40 and earlier, 7.42 and earlier, and 7.42B and earlier, which originates from an authenticated attacker who can perform SQL injection by accessing the...
WordPress Hive Support plugin <= 1.1.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Hive Support versions <= 1.1.2...
CVE-2024-47484
Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. An unauthenticated attacker with remote access could potentially exploit this...
Ivanti CSA Security Vulnerability
Ivanti CSA is a locally deployed virtual appliance from Ivanti that is designed to simplify the integration of IT service management with cloud services and support automated processes to improve operational efficiency. Ivanti CSA suffers from a SQL injection vulnerability that can be exploited b...
Dell Avamar SQL Injection Vulnerability
Dell Avamar is a purpose-built backup application from Dell, Inc. It is designed to provide a conveniently sized, turnkey, affordable, deduplicated backup solution. Dell Avamar suffers from a SQL injection vulnerability that arises from an improper neutralization of special elements used in SQL...
VulnCheck KEV: CVE-2024-35286
A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...
PT-2024-32927 · Dell · Dell Avamar
Name of the Vulnerable Software and Affected Versions: Dell Avamar versions 19.x Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a SQL Injection vulnerability. This could allow a low-privileged attacker with remote access t...