1174 matches found

RedHat Linux
added 2022/09/13 9:57 a.m., 4 views

mariadb: server crash in create_tmp_table::finalize

A flaw was found in MariaDB. The component create_tmp_table::finalize allows attackers to cause a denial of service (DoS) via specially crafted SQL statements, affecting availability...

CVSS 7.5, AI score 7.3, EPSS 0.00217
Exploits: 1, References: 4
CNVD
added 2022/08/31 12:0 a.m., 17 views

Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11174)

Ingredients Stock Management System is an ingredient stock management system by individual developer Carlo Montero. Version 1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which originates from /admin/?page= reports/stockout&month= missing validation of external...

CVSS 8.8, AI score 3.1, EPSS 0.00325
Exploits: 1, References: 1
Tenable Nessus
added 2022/08/17 12:0 a.m., 45 views

EulerOS 2.0 SP5 : mariadb (EulerOS-SA-2022-2275)

According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - MariaDB Server v10.6 and below was discovered to contain a use-after-free in the component my_strcasecmp_8bit, which is exploited via specially...

CVSS 7.5, AI score 7.5, EPSS 0.00238
Exploits: 4, References: 6
CNVD
added 2022/08/04 12:0 a.m., 14 views

Pharmacy Management System getexpproduct.php SQL Injection Vulnerability

Pharmacy Management System (MPMS) is a multilingual pharmacy management system developed by Mayuri K. Version 1.0 of Pharmacy Management System is vulnerable to SQL injection because the startDate parameter in getexpproduct.php lacks validation for external...

CVSS 9.8, AI score 3.3, EPSS 0.00264
Exploits: 1, References: 1
Tenable Nessus
added 2022/08/02 12:0 a.m., 27 views

IBM DB2 9.7 < 9.7 FP 11 41114 / 10.1 < 10.1 FP 6 41109 / 10.5 < 10.5 FP 11 41110 / 11.1 < 11.1.4 FP 7 41112 / 11.5 < 11.5.7 FP 0 18572 Multiple Vulnerabilities (Unix)

According to its self-reported version number, IBM Db2 is affected by multiple vulnerabilities, as follows: - A denial of service (DoS) vulnerability, as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user (CVE-2022-22389). - An information...

CVSS 7.5, AI score 7, EPSS 0.00529
Exploits: 0, References: 4
CNVD
added 2022/07/22 12:0 a.m., 16 views

Simple E-Learning System classRoom.php SQL Injection Vulnerability

Simple e-Learning System is a simple e-learning system by individual developer Carlo Montero. Version 1.0 of Simple E-Learning System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the classRoom.php file. An attacker could use the...

CVSS 8.8, AI score 5.5, EPSS 0.00245
Exploits: 1, References: 1
CNVD
added 2022/06/30 12:0 a.m., 29 views

Library Management System SQL Injection Vulnerability (CNVD-2022-61297)

Library Management System is a library management system with QR code attendance and automatic library card generation. Version 1.0 of Library Management System is vulnerable to SQL injection, which stems from the id parameter in the file /librarian/bookdetails.php missing validation of externally...

CVSS 6.5, AI score 3.3, EPSS 0.00365
Exploits: 1, Affected Software: 1
CNVD
added 2022/06/28 12:0 a.m., 15 views

IBM DB2 Denial of Service Vulnerability (CNVD-2022-51655)

IBM DB2 is a relational database management system. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM DB2 suffers from a denial-of-service vulnerability that stems from failure to properly handle incoming error messages, which can be exploite...

CVSS 6.5, AI score 4.5, EPSS 0.00529
Exploits: 0, References: 1
ATTACKERKB
added 2022/06/23 12:0 a.m., 3 views

CVE-2022-22389

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740...

CVSS 6.5, AI score 6.8, EPSS 0.00529
Exploits: 0, References: 4, Affected Software: 1
CNVD
added 2022/06/22 12:0 a.m., 17 views

WordPress Better Find and Replace plugin SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. Versions prior to WordPress Better Find and Replace plugin 1.3.6 contain a SQL injection...

CVSS 7.2, AI score 2.5, EPSS 0.00567
Exploits: 2, References: 1
Tenable Nessus
added 2022/06/21 12:0 a.m., 159 views

MariaDB 10.4.0 < 10.4.26 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.4.26. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.4.26 advisory. - A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a...

CVSS 7.5, AI score 6.8, EPSS 0.00789
Exploits: 5, References: 8
CNVD
added 2022/06/20 12:0 a.m., 15 views

Sourcecodester Hospital Patient Records Management System SQL Injection Vulnerability (CNVD-2022-48750)

Sourcecodester Hospital Patient Records Management System is a web-based application that provides hospitals with an automated platform to store and manage their patient records. Sourcecodester Hospital Patient Records Management System is vulnerable to a SQL injection vulnerability that originat...

CVSS 7.2, AI score 2.1, EPSS 0.00274
Exploits: 1, References: 1
CNVD
added 2022/06/20 12:0 a.m., 11 views

Sourcecodester Hospital Patient Records Management System SQL Injection Vulnerability (CNVD-2022-48749)

Sourcecodester Hospital Patient Records Management System is a web-based application that provides hospitals with an automated platform to store and manage their patient records. Sourcecodester Hospital Patient Records Management System is vulnerable to a SQL injection vulnerability that originat...

CVSS 7.2, AI score 2.1, EPSS 0.00274
Exploits: 1, References: 1
CNVD
added 2022/06/20 12:0 a.m., 104 views

Product Show Room Site SQL Injection Vulnerability (CNVD-2022-48960)

Product Show Room Site is a product showroom website by individual developer Carlo Montero. Version 1.0 of Product Show Room Site is vulnerable to SQL injection, which originates from the /psrs/classes/Master.php?f=deleteinquiry page. Lack of validation of external input SQL statements allows...

CVSS 7.2, AI score 5.2, EPSS 0.00274
Exploits: 1, References: 1
CNVD
added 2022/06/20 12:0 a.m., 13 views

Sourcecodester Hospital Patient Records Management System SQL Injection Vulnerability (CNVD-2022-48746)

Sourcecodester Hospital Patient Records Management System is a Web-based application that provides hospitals with an automated platform to store and manage their patient records. Management System is vulnerable to SQL injection, which originates from /hprms/admin/?page=user/manageuser&id= page...

CVSS 7.2, AI score 2.2, EPSS 0.00274
Exploits: 1, References: 1
CNVD
added 2022/06/20 12:0 a.m., 106 views

Fast Food Ordering System SQL Injection Vulnerability

Fast Food Ordering System is a fast food ordering system by individual developer Carlo Montero. Version 1.0 of Fast Food Ordering System is vulnerable to SQL injection, which originates from /ffos/admin/menus/viewmenu.php?id=page Lack of validation of external input SQL statements can be...

CVSS 9.8, AI score 4.9, EPSS 0.00264
Exploits: 1, References: 1
CNVD
added 2022/06/20 12:0 a.m., 11 views

Sourcecodester Hospital Patient Records Management System SQL Injection Vulnerability (CNVD-2022-48753)

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. Management System is vulnerable to a SQL injection vulnerability that originates in the...

CVSS 9.8, AI score 2, EPSS 0.00264
Exploits: 1, References: 1
Check Point Advisories
added 2022/06/20 12:0 a.m., 5 views

SAP NetWeaver J2EE Engine SQL Injection (CVE-2016-2386)

An SQL injection vulnerability exists in SAP NetWeaver J2EE Engine. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

CVSS 7.5, AI score 3.5, EPSS 0.44457
Exploits: 8
CNVD
added 2022/06/17 12:0 a.m., 24 views

Online Tours And Travels Management System SQL Injection Vulnerability

Online Tours And Travels Management System is an online tour management system. Version 1.0 of Online Tours And Travels Management System is vulnerable to SQL injection because the tname parameter in /admin/operations/tax.php lacks validation for external input SQL statements. An attacke...

CVSS 7.2, AI score 4.3, EPSS 0.00274
Exploits: 1, References: 1
NVD
added 2022/06/15 4:15 p.m., 15 views

CVE-2019-4575

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM...

CVSS 9.8, EPSS 0.00247
Exploits: 0, References: 2