8289 matches found
CVE-2024-54932
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deletedepartment.php...
CVE-2024-54928
kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteteacher.php,...
CVE-2022-38947
SQL Injection vulnerability in Flipkart-Clone-PHP version 1.0 in entry.php in producttitle parameter, allows attackers to execute arbitrary code...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit the vulnerability to access the database by executing arbitrary SQL commands via the username, firstname,...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from an SQL injection vulnerability in /admin/deleteusers.php...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to gain unauthorized access to the database by executing arbitrary SQL commands via the...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to gain unauthorized access to the database by executing arbitrary SQL commands via the...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands to access the database via the department parameter...
Apache Superset SQL注入漏洞
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An SQL injection vulnerability exists in Apache Superset versions prior to 4.1.0, which stems from improper neutralization of special elements in SQL commands, where specific engine functions are...
JFinalCMS 注入漏洞
JFinalCMS is an open source free JAVA enterprise website development and construction management system. JFinalCMS has a SQL injection vulnerability in version 1.0. The vulnerability is due to the failure to adequately validate and filter user-input data in the affected version, which can be...
WordPress Beautiful Taxonomy Filters plugin <= 2.4.3 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Frissi0n in WordPress Plugin Beautiful Taxonomy Filters versions = 2.4.3...
PYSEC-2024-157
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...
QNAP Systems SMB 安全漏洞
QNAP Systems SMB is a network file sharing protocol from China-based QNAP Systems. A security vulnerability exists in QNAP Systems SMB that stems from the inclusion of a SQL injection vulnerability...
Siemens Healthineers syngo 安全漏洞
Siemens Healthineers syngo is a general-purpose imaging software for medical use from Siemens Germany. It is used for 2D, 3D and 4D reading and advanced visualization. A security vulnerability exists in Siemens Healthineers syngo that stems from input data not being properly cleaned before it is...
WordPress plugin WordPress Auction Plugin 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin WP Mailster SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
PT-2024-35922 · Unknown · Basix Nex-Forms
Name of the Vulnerable Software and Affected Versions: Basix NEX-Forms – Ultimate Form Builder versions prior to 8.7.9 Description: The issue is related to the improper neutralization of special elements used in an SQL command, also known as 'SQL Injection'. This allows for malicious SQL commands...
The vulnerability of the software for managing software product licenses in HPE AutoPass License Server lies in the lack of protective measures for the SQL query structure, allowing attackers to access confidential information.
The vulnerability of the software for managing HPE AutoPass License Server products is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker to access confidential information...
The vulnerability of the module for creating multifunctional library portals “J-İRBIIS 2.0” of the SAB IRBIS platform allows a hacker to execute arbitrary SQL code.
The vulnerability of the module for creating multifunctional library portals “J-IRBIS 2.0” of the SAB IRBIS platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code by sending a...
1000 Projects Library Management System 安全漏洞
1000 Projects Library Management System is an open source library management system from 1000 Projects. A security vulnerability exists in 1000 Projects Library Management System version 1.0 due to a SQL injection in parameter q. The vulnerability is caused by the presence of a parameter q in the...