PT-2023-30852 · Unknown · Projectworld Online Voting System

Name of the Vulnerable Software and Affected Versions: Online Voting System Project version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. The username parameter of the "reg action.php" resource does not validate the characters received and they are se...

PT-2006-4419 · Invision · Invision Power Board

Name of the Vulnerable Software and Affected Versions: Invision Power Board version 1.3 Final Description: The issue concerns SQL injection vulnerabilities that could allow remote attackers to execute arbitrary SQL commands. This is allegedly possible via the CODE parameter in certain actions in...

CVE-2006-3544

Multiple SQL injection vulnerabilities in Invision Power Board IPB 1.3 Final allow remote attackers to execute arbitrary SQL commands via the CODE parameter in a 1 Stats, 2 Mail, and 3 Reg action in index.php. NOTE: the developer has disputed this issue, stating that "At no point does the CODE...