1135 matches found
PT-2024-26921 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /control/addcase stage.php. The manipulation of the cname...
PT-2024-26394 · Unknown · Campcodes Online Event Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Event Management System version 1.0 Description: A critical vulnerability was found in the system, affecting unknown code in the file /views/index.php. The manipulation of the ID argument leads to SQL injection. The attack ca...
CVE-2024-3348
A vulnerability classified as critical has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. Affected is an unknown function of the file booking/index.php. The manipulation of the argument logemail/logpword leads to SQL injection. It is possible to launch the attack...
WordPress REHub Framework plugin < 19.6.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin REHub Framework versions < 19.6.2...
PT-2024-4014 · Ivanti · Ivanti Endpoint Manager
Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2022 SU5 Description: The issue is related to a SQL Injection vulnerability in the GetDBPatches method of Ivanti Endpoint Manager, which fails to properly protect the SQL query structure. This allows ...
WordPress 10Web Map Builder for Google Maps plugin <= 1.0.74 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress Plugin 10Web Map Builder for Google Maps versions <= 1.0.74...
PT-2024-15685 · WordPress · Wp Erp
Name of the Vulnerable Software and Affected Versions: The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress versions up to, and including, 1.12.9 Description: The issue is related to union-based SQL Injection via the email parameter...
PT-2024-22503 · Unknown · Mergen Software Quality Management System
Name of the Vulnerable Software and Affected Versions: Mergen Software Quality Management System versions through 25032024 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection...
CVE-2024-27956
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Automatic allows SQL Injection. This issue affects Automatic: from n/a through 3.92.0...
Campcodes Complete Online DJ Booking System SQL Injection Vulnerability
Campcodes Complete Online DJ Booking System is an online DJ booking system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Complete Online DJ Booking System, which originates from a SQL injection vulnerability in the searchdata parameter of the...
Campcodes Complete Online Beauty Parlor Management System Security Vulnerability
Campcodes Complete Online Beauty Parlor Management System is an online beauty parlor management system from Campcodes, Inc. A security vulnerability exists in Campcodes Complete Online Beauty Parlor Management System version 1.0, which originates from an SQL injection vulnerability in the email...
PT-2024-18242 · Mediavine · Create By Mediavine Plugin For Wordpress
Name of the Vulnerable Software and Affected Versions: Create by Mediavine plugin for WordPress versions up to, and including, 1.9.4 Description: The issue allows for SQL Injection via the id parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation ...
PrestaShop Abandoned Cart Reminder Pro Security Vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image zoom and other features. A security vulnerability exists in PrestaShop Abandoned Cart Reminder Pro v.2.0.11 and prior...
PT-2024-21670 · Unknown · Campcodes Complete Online Dj Booking System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Online DJ Booking System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /admin/booking-bwdates-reports-details.php. The manipulation of the fromdate...
PT-2024-22411 · Prestashop +1 · Fme Modules Quickproducttable Module +1
Name of the Vulnerable Software and Affected Versions: FME Modules quickproducttable module for PrestaShop versions 1.2.1 and earlier Description: The issue allows a remote attacker to escalate privileges and obtain information. This is achieved through the readCsv, displayAjaxProductChangeAttr,...
PT-2024-12915 · Unknown · Code-Projects.Org Online Job Portal
Name of the Vulnerable Software and Affected Versions: code-projects.org Online Job Portal version 1.0 Description: The issue is related to SQL Injection. It can be exploited via the "/Employer/DeleteJob.php?JobId=1" API endpoint, specifically through the JobId variable. This allows for potential...
PT-2024-18429 · Sourcecodester · Sourcecodester Web-Based Student Clearance System
Name of the Vulnerable Software and Affected Versions: SourceCodester Web-Based Student Clearance System version 1.0 Description: A critical issue was found in the system, affecting an unknown functionality of the file /Admin/login.php. The manipulation of the txtpassword argument leads to SQL...
Scholars Tracking System Security Vulnerability
Scholars Tracking System is a scholars tracking system by Fabian Ros Individual Developers. A security vulnerability exists in Scholars Tracking System version 1.0, which stems from the vulnerability to SQL injection attacks via PublisherID...
SourceCodester Employee Management System SQL Injection Vulnerability
SourceCodester Employee Management System is a php-based website builder for employee performance management from SourceCodester. A SQL injection vulnerability exists in SourceCodester Employee Management System version 1.0, which stems from an incorrect manipulation of the parameter pid that can...
PT-2024-18386 · Sourcecodester · Sourcecodester Employee Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Employee Management System version 1.0 Description: A critical issue affects some unknown functionality of the file /myprofile.php. The manipulation of the id argument with the input 1%20or%201=1 leads to SQL injection. The...