CVE-2024-0498

A vulnerability was found in Project Worlds Lawyer Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file searchLawyer.php. The manipulation of the argument experience leads to sql injection. The attack can be launched...

CVE-2024-0481

A vulnerability was found in Taokeyun up to 1.0.5. It has been rated as critical. Affected by this issue is the function shopGoods of the file application/index/controller/app/store/Goods.php of the component HTTP POST Request Handler. The manipulation of the argument keyword leads to sql...

CVE-2024-0478

A vulnerability was found in code-projects Fighting Cock Information System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/pages/editchicken.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The...

CVE-2024-0469

A vulnerability was found in code-projects Human Resource Integrated System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updatepersonalinfo.php. The manipulation of the argument sex leads to sql injection. The attack may be launched remotely. Th...

CVE-2024-0461

A vulnerability was found in code-projects Online Faculty Clearance 1.0. It has been classified as critical. Affected is an unknown function of the file deactivate.php of the component HTTP POST Request Handler. The manipulation of the argument haydi leads to sql injection. It is possible to laun...

PT-2023-8288 · Sourcecodester · Sourcecodester Free/Open Source Inventory Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Free and Open Source Inventory Management System version 1.0 Description: The issue is related to the lack of protection against SQL query structure exploitation in the /ample/app/action/edit product.php file of the Free and Op...

CVE-2023-7022

A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/workplan/manage/deleteall.php. The manipulation of the argument DELETESTR leads to sql injection. The attack can be launched...

CVE-2023-6311

A vulnerability was found in SourceCodester Loan Management System 1.0 and classified as critical. This issue affects the function deleteltype of the file deleteltype.php of the component Loan Type Page. The manipulation of the argument ltypeid leads to sql injection. The attack may be initiated...

CVE-2023-5813

A vulnerability was found in SourceCodester Task Reminder System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=deletereminder. The manipulation of the argument id leads to sql injection. The attack may be launched remotely...

CVE-2023-5681

A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /admin/listaddrfwresourceip.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2023-4103 Multiple vulnerabilities in IDM Sistemas QSige

QSige statistics are affected by a remote SQLi vulnerability. It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application...

CVE-2023-5322

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DAR-7000 up to 20151231. It has been rated as critical. Affected by this issue is some unknown functionality of the file /sysmanage/editmanageadmin.php. The manipulation of the argument id leads to sql injection. The attack may be...

PT-2023-6502 · D Link · D-Link Dar-7000

Name of the Vulnerable Software and Affected Versions: D-Link DAR-7000 versions up to 20151231 Description: The issue is related to the lack of validation of XML object sequences in the /sysmanage/edit manageadmin.php component of the D-Link DAR-7000 router's firmware. This can be exploited by a...

CVE-2023-5294

A vulnerability has been found in ECshop 4.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/order.php. The manipulation of the argument goodsid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed ...

CVE-2023-5294

A vulnerability has been found in ECshop 4.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/order.php. The manipulation of the argument goodsid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed ...

CVE-2023-5283

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teachersignup.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The...

CVE-2023-5280

A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file mystudents.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has bee...

CVE-2023-5032

A vulnerability was found in OpenRapid RapidCMS 1.3.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/article/article-edit-run.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2023-5027

A vulnerability classified as critical was found in SourceCodester Simple Membership System 1.0. Affected by this vulnerability is an unknown functionality of the file clubvalidator.php. The manipulation of the argument club leads to sql injection. The attack can be launched remotely. The exploit...

CVE-2023-4852

A vulnerability was found in IBOS OA 4.5.5 and classified as critical. This issue affects some unknown processing of the file ?r=dashboard/database/optimize. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...