PT-2023-30469 · Unknown · Master Slider Pro
Name of the Vulnerable Software and Affected Versions: Master Slider Pro versions n/a through 3.6.5 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations...
Best Courier Management System SQL Injection Vulnerability
Best Courier Management System is a courier management system by individual developer Mayuri K. A SQL injection vulnerability exists in SourceCodester Best Courier Management System version 1.0, which originates from a SQL injection vulnerability in the file manageuser.php...
PT-2023-31183 · Rockoa · Rockoa
Name of the Vulnerable Software and Affected Versions: Rockoa versions prior to 2.3.3 Description: The issue is related to SQL Injection. The problem exists in the indexAction method in reimpAction.php. Recommendations: For versions prior to 2.3.3, update to version 2.3.3 or later to resolve the...
ArslanSoft Education Portal SQL Injection Vulnerability
ArslanSoft Education Portal is an education portal from ArslanSoft, Inc. A SQL injection vulnerability exists in versions prior to ArslanSoft Education Portal v1.1, which stems from the presence of a SQL injection vulnerability...
WordPress Plugin My Calendar Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
CVE-2023-3631
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Medart Health Services Medart Notification Panel allows SQL Injection. This issue affects Medart Notification Panel: through 20231123. NOTE: The vendor was contacted early about this disclosure but...
PT-2023-24483 · Veribase · Veribase
Name of the Vulnerable Software and Affected Versions: Veribase versions through 20231123 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. The vendor was contacted...
CVE-2023-22268
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could lead to information disclosure by a low-privileged authenticated attacker. Exploitation of this issue does not require us...
CVE-2023-46014
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters...
Exploit for SQL Injection in Code-Projects Blood_Bank
CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-...
CVE-2023-45657
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in POSIMYTH Nexter allows SQL Injection. This issue affects Nexter: from n/a through 2.0.3...
CVE-2023-40207
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RedNao Donations Made Easy – Smart Donations allows SQL Injection. This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12...
PT-2023-15085 · Unknown · Kaizencoders Short Url
Name of the Vulnerable Software and Affected Versions: KaizenCoders Short URL versions 1.6.4 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
PT-2023-24853 · Wedevs · Wedevs Wp Project Manager
Name of the Vulnerable Software and Affected Versions: weDevs WP Project Manager versions through 2.6.0 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
PT-2023-26400 · Unknown · Onepage Builder
Name of the Vulnerable Software and Affected Versions: Onepage Builder versions n/a through 2.4.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations:...
CVE-2023-5926
A vulnerability, which was classified as critical, was found in Campcodes Simple Student Information System 1.0. Affected is an unknown function of the file /admin/students/updatestatus.php. The manipulation of the argument studentid leads to sql injection. The exploit has been disclosed to the...
PT-2023-29504 · Unknown · Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the role parameter of the "routers/add-users.php" resource does not validate the characters received...
Addify WooCommerce Advanced Free Gifts Plugin Security Vulnerability
Addify WooCommerce Advanced Free Gifts Plugin is an advanced free gifts plugin from Addify. Enables store owners to offer free gifts to their customers. A security vulnerability exists in Addify WooCommerce Advanced Free Gifts Plugin v.1.0.2 and prior versions, which stems from the presence of a...
WordPress Plugin User Activity Log SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A SQL injection vulnerability exists in the WordPress...
Netcon NS-ASG SQL Injection Vulnerability
Netcon NS-ASG is an application security gateway from China Netcon Technology Netcon. A security vulnerability exists in Netcon NS-ASG version 6.3, which originates from some unknown functions in /protocol/firewall/uploadfirewall.php that cause SQL injection via the parameter messagecontent...