1135 matches found
WordPress plugin MainWP Broken Links Checker Extension SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
CVE-2023-39648
Improper neutralization of SQL parameter in Theme Volty CMS Testimonial module for PrestaShop. In the module “Theme Volty CMS Testimonial” tvcmstestimonial up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions...
WordPress Plugin Welcart e-Commerce SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
Besttem Network Marketing Software SQL Injection Vulnerability
Besttem Network Marketing Software is a network marketing software from Besttem Turkey. A SQL injection vulnerability exists in Besttem Network Marketing Software versions prior to 1.0.2309.6, which stems from improper neutralization of special elements...
CVE-2023-35068
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BMA Personnel Tracking System allows SQL Injection. This issue affects Personnel Tracking System: before 20230904...
abu SQL Injection Vulnerability
abu abu quantitative is a stock, options, futures, bitcoin trading system by the individual developer of abu bbfamily. A security vulnerability exists in abu version v0.4.0, which originates from the abupy.MarketBu.ABuSymbol.searchtosymboldict component...
Daylight Studio Fuel CMS SQL Injection Vulnerability
Daylight Studio Fuel CMS is a content management system based on CodeIgniter. A security vulnerability exists in Daylight Studio Fuel CMS version 1.4.9, which stems from an SQL injection vulnerability in the file Basemodulemodel.php that allows remote attackers to execute arbitrary code via the c...
Doctors Appointment System SQL Injection Vulnerability
Doctors Appointment System is a doctor appointment system from SourceCodester. A SQL injection vulnerability exists in SourceCodester Doctors Appointment System version 1.0, which stems from a SQL injection vulnerability in the parameter userremail...
Digital Ant E-Commerce SQL Injection Vulnerability
Digital Ant E-Commerce is an e-commerce platform from Digital Ant, Inc. A SQL injection vulnerability exists in versions of Digital Ant E-Commerce Software prior to 11, which stems from incorrect neutralization of special elements used in SQL commands...
CVE-2023-37361
REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose, apptitle, or randomization...
IBOS SQL Injection Vulnerability
IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which originates from the presence of an unknown function in the file /?r=recruit/resume/edit&op=status in the component Interview Handler, which leads to a SQL injection via the...
LeoTheme Ap Page Builder SQL Injection Vulnerability
LeoTheme Ap Page Builder is a powerful module from LeoTheme that follows the Prestashop standard. A security vulnerability exists in LeoTheme Ap Page Builder versions prior to 1.7.8.2. An attacker exploited the vulnerability to send a specially crafted SQL query to the Productoneimg parameter to...
MyCompanyFiles Oliva Expertise EKS SQL Injection Vulnerability
MyCompanyFiles Oliva Expertise EKS is a file management application from MyCompanyFiles, Inc. An SQL injection vulnerability exists in MyCompanyFiles Oliva Expertise EKS versions prior to 1.2, which stems from vulnerability to SQL injection attacks...
Nesote Technologies Inout Blockchain EasyPayments SQL Injection Vulnerability
Nesote Technologies Inout Blockchain EasyPayments is an advanced and secure cryptocurrency payment platform script from Nesote Technologies, India. A SQL injection vulnerability exists in Nesote Technologies Inout Blockchain EasyPayments version 1.0 due to an unknown function in the file...
PT-2023-25127
Name of the Vulnerable Software and Affected Versions VegaGroup Web Collection versions before 31197 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations...
Schneider Electric StruxureWare Data Center Expert SQL Injection Vulnerability
Schneider Electric StruxureWare Data Center Expert (StruxureWare Data Center Management Expert) is monitoring software from the French company Schneider Electric, suitable for a variety of organizations to monitor their company-wide power, cooling, security and environment. A SQL...
CVE-2023-30323
SQL Injection vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to gain sensitive information...
CVE-2023-3340
A vulnerability was found in SourceCodester Online School Fees System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ajx.php of the component GET Parameter Handler. The manipulation of the argument namestartsWith leads to SQL injection. The attack...
CVE-2023-35064
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Satos Satos Mobile allows SQL Injection through SOAP Parameter Tampering. This issue affects Satos Mobile: before 20230607...
CVE-2023-2607
The Multiple Page Generator Plugin for WordPress is vulnerable to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 3.3.17 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This...