WordPress Plugin Multiple Page Generator SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
SourceCodester Online Discussion Forum Site SQL Injection Vulnerability
SourceCodester Online Discussion Forum Site is an online discussion forum application from SourceCodester, Inc. A SQL injection vulnerability exists in Online Discussion Forum Site version 1.0, which stems from an incorrect manipulation of the parameter id resulting in SQL injection...
CVE-2023-29632
PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajaxjmspagebuilder.php...
WordPress Plugin Pricing Table Builder SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin Pricing Table Builder 1.1....
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-34362 Progress MOVEit Transfer SQL Injection Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...
PT-2023-22557 · Unknown +1 · Prestashop +1
Name of the Vulnerable Software and Affected Versions: PrestaShop module City Autocomplete versions prior to 1.8.12 for PrestaShop version 1.5/1.6; PrestaShop module City Autocomplete versions prior to 2.0.3 for PrestaShop version 1.7. Description: The issue allows remote attackers to execute...
PT-2023-10169 · WordPress · Portfolio Gallery Plugin
Name of the Vulnerable Software and Affected Versions: Portfolio Gallery Plugin versions up to 1.1.8. Description: A critical vulnerability has been found in the Portfolio Gallery Plugin on WordPress, affecting an unknown part. The manipulation leads to SQL injection and can be initiated remotely...
PT-2023-24305 · Unknown · Old Age Home Management
Name of the Vulnerable Software and Affected Versions: Old Age Home Management version 1.0. Description: The issue concerns SQL Injection via the username parameter. This allows for potential unauthorized access or manipulation of data. Recommendations: For Old Age Home Management version 1.0,...
CVE-2023-29985
Sourcecodester Student Study Center Desk Management System v1.0 admin\reports\index.phpdatefrom has a SQL Injection vulnerability...
CVE-2023-20110 Cisco Smart Software Manager On-Prem SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...
CVE-2023-2596
A vulnerability was found in SourceCodester Online Reviewer System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /reviewer/system/system/admins/manage/users/user-update.php of the component GET Parameter Handler. The manipulation of the argument...
PT-2023-18376 · Campcodes · Campcodes Coffee Shop Pos System
Name of the Vulnerable Software and Affected Versions: Campcodes Coffee Shop POS System version 1.0. Description: A critical issue has been found in the system, affecting an unknown function of the file /admin/user/manage user.php. The manipulation of the id argument leads to SQL injection, allowi...
Campcodes Retro Basketball Shoes Online Store SQL Injection Vulnerability
Campcodes Retro Basketball Shoes Online Store is an online store for retro basketball shoes from Campcodes, Inc. A SQL injection vulnerability exists in Campcodes Retro Basketball Shoes Online Store version 1.0, which originates from a SQL injection vulnerability in the parameter email in the fil...
Campcodes Coffee Shop POS System SQL Injection Vulnerability
Campcodes Coffee Shop POS System is a coffee shop POS system from Campcodes. A SQL injection vulnerability exists in Campcodes Coffee Shop POS System version 1.0, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
PT-2023-18243 · Unknown · Campcodes Online Thesis Archiving System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Thesis Archiving System version 1.0. Description: A critical issue was found in the system, affecting the /admin/user/manage user.php file. The id argument is vulnerable to SQL injection, which can be exploited remotely...
CVE-2023-1863
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eskom Water Metering Software allows Command Line Execution through SQL Injection. This issue affects Water Metering Software: before 23.04.06...
Campcodes Advanced Online Voting System SQL Injection Vulnerability
Campcodes Advanced Online Voting System is an online voting system. Campcodes Advanced Online Voting System v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter voter of the file login.php, which can be exploite...
Yoga Class Registration System SQL Injection Vulnerability
Yoga Class Registration System is a yoga class registration system. A SQL injection vulnerability exists in Yoga Class Registration System v1.0, which originates from the lack of validation of the cid parameter in /admin/login.php against external SQL input. An attacker can exploit this...
PrestaShop SQL Injection Vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. A security vulnerability exists in PrestaShop advancedpopupcreator versions v1.1.21...
Bank Locker Management System SQL Injection Vulnerability
Bank Locker Management System is a bank locker management system. A SQL injection vulnerability exists in PHPGurukul Bank Locker Management System version 1.0, which stems from a problem with the file index.php, where manipulation of the parameter searchinput can lead to SQL injection...