1135 matches found
CVE-2023-1949
A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file change-password.php of the component Change Password Handler. The manipulation of the argument password leads to sql injection. It is possibl...
Suprema BioStar 2 SQL injection vulnerability
Suprema BioStar 2 is a web-based biometric security smart lock platform from Suprema Korea. A security vulnerability exists in Suprema BioStar 2 version v2.8.16. An attacker can exploit the vulnerability to perform SQL injection via the values parameter at /users/absence?searchmonth=1...
Desdev DedeCMS SQL injection vulnerability
Desdev DedeCMS (Dream Weaving Content Management System) is a PHP-based open-source content management system (CMS) from the Chinese company Zhuozhuo network (Desdev). The system has content publishing, content management, content editing and content retrieval functions. A security vulnerability exists in...
CVE-2023-1360
A vulnerability was found in SourceCodester Employee Payslip Generator with Sending Mail 1.2.0 and classified as critical. This issue affects some unknown processing of the file classes/Users.php?f=save of the component New User Creation. The manipulation of the argument username leads to sql...
SourceCodester Friendly Island Pizza Website and Ordering System SQL injection vulnerability
SourceCodester Friendly Island Pizza Website and Ordering System is the Island Pizza website and ordering system. A SQL injection vulnerability exists in SourceCodester Friendly Island Pizza Website and Ordering System version 1.0 due to an unknown function in the file deleteorder.php in the...
CVE-2021-3854
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Glox Technology Useroam Hotspot allows SQL Injection. This issue affects Useroam Hotspot: before 5.1.0.15...
PT-2023-12339
Name of the Vulnerable Software and Affected Versions: Glox Technology Useroam Hotspot versions prior to 5.1.0.15 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
SourceCodester Doctors Appointment System SQL injection vulnerability
SourceCodester Doctor Appointment System is an application from SourceCodester USA. It provides an appointment scheduling feature. A SQL injection vulnerability exists in the SourceCodester Doctors Appointment System version 1.0, which originates from an unknown function in the file...
PT-2023-16708 · Sourcecodester · Sourcecodester Interview Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Reviewer Management System version 1.0 Description: A critical issue has been discovered, allowing for SQL injection through the manipulation of the id argument in an unknown function of the file /reviewer...
SourceCodester Class and Exam Timetabling System SQL injection vulnerability
Class and Exam Timetabling System is a class and exam timetabling system by the individual developer Cherylda Jardeliza Ohiman. SourceCodester Class and Exam Timetabling System version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter password...
CVE-2023-0913
A vulnerability classified as critical was found in SourceCodester Auto Dealer Management System 1.0. This vulnerability affects unknown code of the file /adms/admin/?page=vehicles/sellvehicle. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The...
WordPress plugin WP Airbnb Review Slider SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin WP Airbnb Review Slid...
CVE-2022-45526
SQL Injection vulnerability in Future-Depth Institutional Management Website IMS 1.0, allows attackers to execute arbitrary commands via the ad parameter to /adminarea/logintransfer.php...
Online Food Ordering System cross-site scripting vulnerability
Online Food Ordering System is an online food ordering system. An SQL injection vulnerability exists in Online Food Ordering System, which stems from a lack of validation of externally entered SQL statements in the id parameter of the vieworder.php page. An attacker could use this vulnerability t...
PT-2023-19236 · WordPress · Wp-Topbar
Name of the Vulnerable Software and Affected Versions: WP-TopBar versions prior to 5.37 Description: The issue is related to an Authenticated SQL Injection (SQLi) vulnerability. Recommendations: For WP-TopBar versions prior to 5.37, update to version 5.37 or later to resolve the issue...
WordPress Plugin The Login with Phone Number SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
Seltmann GmbH Content Management System 6 SQL injection vulnerability
Seltmann GmbH Content Management System is a content management system from Seltmann. A security vulnerability exists in Seltmann GmbH Content Management System 6. An attacker could exploit this vulnerability to perform SQL injection via /index.php...
Aruba Networks EdgeConnect Enterprise Orchestrator SQL injection vulnerability
Aruba Networks EdgeConnect Enterprise Orchestrator is a centralized SD-WAN management solution from Aruba Networks, Inc. It provides optimization, management, automation, and real-time visibility and monitoring features for enterprise users. A security vulnerability exists in Aruba Networks...
CVE-2022-4739
A vulnerability classified as critical was found in SourceCodester School Dormitory Management System 1.0. Affected by this vulnerability is an unknown functionality of the component Admin Login. The manipulation leads to sql injection. The attack can be launched remotely. The associated identifi...
CVE-2022-45010
Simple Phone Book/Directory Web App v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /PhoneBook/edit.php...