Stack overflow

A vulnerability was found in Totolink N350RT 9.3.5u.6139B20201216. It has been rated as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. Th...

CVE-2023-7187

The CVE-2023-7187 entry affects Totolink N350RT (v9.3.5u.6139_B20201216) where the HTTP POST Request Handler at /cgi-bin/cstecgi.cgi?action=login&flag=ie8 can trigger a stack-based buffer overflow in a vulnerable component. Publicly disclosed exploit and advisories indicate high severity with pot...

CVE-2023-7178

A vulnerability, which was classified as critical, has been found in Campcodes Online College Library System 1.0. This issue affects some unknown processing of the file /admin/bookrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The...

CVE-2023-7179

A vulnerability, which was classified as critical, was found in Campcodes Online College Library System 1.0. Affected is an unknown function of the file /admin/categoryrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is possible to...

Sql injection

A vulnerability, which was classified as critical, was found in Campcodes Online College Library System 1.0. Affected is an unknown function of the file /admin/categoryrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is possible to...

Sql injection

A vulnerability, which was classified as critical, has been found in Campcodes Online College Library System 1.0. This issue affects some unknown processing of the file /admin/bookrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The...

CVE-2023-7179 Campcodes Online College Library System HTTP POST Request category_row.php sql injection

A vulnerability, which was classified as critical, was found in Campcodes Online College Library System 1.0. Affected is an unknown function of the file /admin/categoryrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is possible to...

CVE-2023-7176

A vulnerability classified as critical has been found in Campcodes Online College Library System 1.0. This affects an unknown part of the file /admin/returnadd.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injection. It is possible to initia...

CVE-2023-7177

A vulnerability classified as critical was found in Campcodes Online College Library System 1.0. This vulnerability affects unknown code of the file /admin/bookadd.php of the component HTTP POST Request Handler. The manipulation of the argument category leads to sql injection. The attack can be...

CVE-2023-7177

The CVE-2023-7177 entry affects Campcodes Online College Library System 1.0, specifically the HTTP POST Request Handler at /admin/book_add.php. All connected documents consistently identify a SQL injection vulnerability caused by unsafely handling the category argument, enabling remote exploitati...

CVE-2023-7175

A vulnerability was found in Campcodes Online College Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/borrowadd.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injectio...

Sql injection

A vulnerability was found in Campcodes Online College Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/borrowadd.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injectio...

PT-2023-32924 · Unknown · Campcodes Online College Library System

Name of the Vulnerable Software and Affected Versions: Campcodes Online College Library System version 1.0 Description: A critical issue affects the processing of the file /admin/book row.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to SQL injection. T...

CVE-2023-7166

Novel-Plus up to 4.2.0 contains a cross-site scripting vulnerability in the HTTP POST handler at /user/updateUserInfo via the nickName parameter. The issue can be triggered remotely, and the exploit has been disclosed publicly. A patch is identified by c62da9bb3a9b3603014d0edb436146512631100d, an...

CVE-2023-7145

A vulnerability classified as critical was found in gopeak MasterLab up to 3.3.10. This vulnerability affects the function sqlInject of the file app/ctrl/Framework.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...

CVE-2023-7145

A vulnerability classified as critical was found in gopeak MasterLab up to 3.3.10. This vulnerability affects the function sqlInject of the file app/ctrl/Framework.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...

CVE-2023-7146

A vulnerability, which was classified as critical, has been found in gopeak MasterLab up to 3.3.10. This issue affects the function sqlInjectDelete of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument phone leads to sql injection...

Sql injection

A vulnerability classified as critical was found in gopeak MasterLab up to 3.3.10. This vulnerability affects the function sqlInject of the file app/ctrl/Framework.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...

Sql injection

A vulnerability, which was classified as critical, has been found in gopeak MasterLab up to 3.3.10. This issue affects the function sqlInjectDelete of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument phone leads to sql injection...

CVE-2023-7146 gopeak MasterLab HTTP POST Request Feature.php sqlInjectDelete sql injection

A vulnerability, which was classified as critical, has been found in gopeak MasterLab up to 3.3.10. This issue affects the function sqlInjectDelete of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument phone leads to sql injection...