16789 matches found
CVE-2023-49969
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customersupport/index.php?page=editcustomer...
CVE-2023-45379
In the module "Rotator Img" posrotatorimg in versions at least up to 1.1 from PosThemes for PrestaShop, a guest can perform SQL injection...
CVE-2023-45256
Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via the TPE, societe, MAC, reference, or aliascb parameter to transaction.php, validation.php, or callback.php...
CVE-2023-45386
In the module extratabspro before version 2.2.8 from MyPresta.eu for PrestaShop, a guest can perform SQL injection via extratabspro::searchcategory, extratabspro::searchproduct and extratabspro::searchmanufacturer.'...
CVE-2023-45001
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Castos Seriously Simple Stats allows SQL Injection.This issue affects Seriously Simple Stats: from n/a through 1.5.0...
CVE-2023-45657
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in POSIMYTH Nexter allows SQL Injection.This issue affects Nexter: from n/a through 2.0.3...
CVE-2023-45387
In the module "Product Catalog CSV, Excel, XML Export PRO" exportproducts in versions up to 5.0.0 from MyPrestaModules for PrestaShop, a guest can perform SQL injection via exportProduct::addDataToDb...
CVE-2023-31433
A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter...
CVE-2023-31671
PrestaShop postfinance = 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess...
CVE-2023-31842
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/index.php?page=editfaculty=...
CVE-2023-31937
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-cateogry-detail.php file...
CVE-2023-31933
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-pass-detail.php file...
CVE-2023-31753
SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute arbitrary SQL commands via the "rid=" parameter...
CVE-2023-40934
A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...
CVE-2023-40215
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Demonisblack demon image annotation allows SQL Injection.This issue affects demon image annotation: from n/a through 5.1...
CVE-2023-40945
Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Injection in the variable $userid at doctors\myDetails.php...
CVE-2023-40958
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management aka pdm v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a remote authenticated attacker to execute arbitrary code via the query parameter in models/baseclient.py component...
CVE-2023-40852
SQL Injection vulnerability in Phpgurukul User Registration & Login and User Management System With admin panel 3.0 allows attackers to obtain sensitive information via crafted string in the admin user name field on the admin log in page...
CVE-2023-40771
SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function...
CVE-2023-40944
Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at \header.php...