CVE-2024-12490

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /pages/teachersave.php. The manipulation of the argument salut leads to sql injection. The attack can be initiated remotely...

CVE-2024-11998

A vulnerability was found in code-projects Farmacia 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /visualizer-forneccedor.chp. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2024-11966

A vulnerability was found in PHPGurukul Complaint Management system 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2024-11744

A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely...

itsourcecode Construction Management System SQL注入漏洞

itsourcecode Construction Management System is a construction management system from itsourcecode, Inc. A security vulnerability exists in itsourcecode Construction Management System version 1.0, which stems from a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL...

CVE-2024-11121

A vulnerability classified as critical was found in 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3. Affected by this vulnerability is an unknown functionality of the file /crm/WeiXinApp/marketing/index.php?module=Users&action=getActionList. The manipulation of the argument userid leads to sql injection...

CVE-2024-10988

The CVE-2024-10988 entry affects code-projects E-Health Care System v1.0, where the vulnerability lies in the file /Doctor/doctor_login.php. The root cause is improper handling of the email parameter, enabling SQL injection that can be triggered remotely and may affect multiple parameters. Severa...

CVE-2024-10810

A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as critical. Affected is an unknown function of the file Doctor/apprequest.php. The manipulation of the argument appid leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2024-10758

A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack...

CVE-2024-10751

A vulnerability was found in Codezips ISP Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file pay.php. The manipulation of the argument customer leads to sql injection. The attack may be launched remotely. The exploit has been disclos...

CVE-2024-10742

CVE-2024-10742 affects code-projects Wazifa System 1.0. Affected component: the file /controllers/control.php. Root cause described across sources is lack of input validation/sanitization that allows SQL injection when manipulating the argument, with a network-exposed attack vector and remote exe...

PT-2024-16494 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA versions up to 11.10 Description: A critical issue was found in Tongda OA, affecting an unknown function of the file /pda/appcenter/check seal.php. The manipulation of the ID argument leads to SQL injection. It is possible to launch...

CVE-2024-10659

A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. Affected by this issue is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/document/CDGAuthoriseTempletService.java. The manipulation of the argument id leads to sql injection. The attack may...

CVE-2024-10617

A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/checkseal.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the publi...

CVE-2024-10611

A vulnerability was found in ESAFENET CDG 5 and classified as critical. This issue affects the function delProtocol of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit h...

CVE-2024-10596

A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue is the function delEntryptPolicySort of the file /com/esafenet/servlet/system/EncryptPolicyTypeService.java. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVE-2024-10596

CVE-2024-10596 affects ESAFENET CDG 5, specifically the function delEntryptPolicySort in /com/esafenet/servlet/system/EncryptPolicyTypeService.java. The vulnerability arises from improper handling of the id argument, enabling SQL injection that can be exploited remotely. Public disclosure of the ...

VulnCheck KEV: CVE-2020-29574

CyberoamOS CROS contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely...

CVE-2024-10506

CVE-2024-10506 affects code-projects Blood Bank System 1.0. A SQL injection vulnerability exists in the /admin/blood/update/B-.php file through manipulation of the Bloodname parameter. Exploitation can be performed remotely; the exploit has been disclosed publicly. Multiple sources corroborate th...

CVE-2024-10500

A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. Affected by this issue is some unknown functionality of the file /com/esafenet/servlet/policy/HookWhiteListService.java. The manipulation of the argument policyId leads to sql injection. The attack may be launche...