159 matches found
CVE-2025-5658
A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/updatecomplaint.php. The manipulation of the argument Status leads to SQL injection. It is possible to launch the attack remotely. The exploit ha...
PHPGurukul Complaint Management System Injection Vulnerability
Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Status in the file /admin/updatecomplaint.php. An attacker can...
CVE-2024-25428
SQL Injection vulnerability in MRCMS v3.1.2 allows attackers to run arbitrary system commands via the status parameter...
CVE-2019-8424
ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter...
CVE-2018-20508
CrashFix 1.0.4 has SQL Injection via the Userstatus parameter. This is related to actionIndex in UserController.php, and the protected\models\User.php search function...
Pre-School Enrollment System /admin/visitor-details.php File SQL Injection Vulnerability
Pre-School Enrollment System is a web-based preschool enrollment system. The Pre-School Enrollment System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Status in file /admin/visitor-details.php. An...
COVID19 Testing Management System test-details.php File SQL Injection Vulnerability
The COVID19 Testing Management System is a COVID-19 testing management system. The COVID19 Testing Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter Status in the /test-details.php...
The vulnerability of the PCMan FTP Server relates to the occurrence of operations beyond the buffer boundaries in memory. This allows attackers to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the PCMan FTP Server relates to the execution of operations beyond the buffer boundaries during the processing of the STATUS parameter. Exploitation of this vulnerability allows an attacker to compromise the confidentiality, integrity, and availability of the protected...
PHPGurukul Boat Booking System Injection Vulnerability
PHPGurukul Boat Booking System is a boat booking system from PHPGurukul. An injection vulnerability exists in version 1.0 of the PHPGurukul Boat Booking System, which stems from SQL injection due to incorrect manipulation of the parameter Status in the file /admin/booking-details.php...
PHPGurukul Pre-School Enrollment System Injection Vulnerability
PHPGurukul Pre-School Enrollment System is a web-based preschool enrollment system from PHPGurukul, Inc. An injection vulnerability exists in version 1.0 of the PHPGurukul Pre-School Enrollment System, which stems from an incorrect manipulation of the parameter Status resulting in SQL injection...
CVE-2025-4071
A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /test-details.php. The manipulation of the argument Status leads to SQL injection. The attack can be initiated remotely. The exploit h...
PHPGurukul COVID19 Testing Management System Security Vulnerability
The COVID19 Testing Management System is a COVID-19 testing management system. The COVID19 Testing Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter Status in the /test-details.php...
GHSA-X8PM-WRG2-MQMX OpenMetadata SQL Injection
OpenMetadata =1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the WorkflowDAO interface. The workflowtype and status parameters can be used to build a SQL query...
CVE-2025-27417 WeGIA Contains a Stored Cross-Site Scripting (XSS) in 'adicionar_status_atendido.php' via the 'status' parameter
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionar_status_atendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into...
CVE-2024-11260
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the activestatus parameter in all versions up to, and including, 6.6.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
Linksys E8450 Security Vulnerability
The Linksys E8450 is a router from Linksys, USA. A security vulnerability exists in the Linksys E8450 v1.2.00.360516, which stems from the ipv6protectstatus parameter being copied to the stack without length validation, resulting in a buffer overflow vulnerability...
CVE-2024-12469 WP BASE Booking of Appointments, Services and Events <= 4.9.1 - Reflected Cross-Site Scripting via status Parameter
The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘status’ parameter in all versions up to, and including, 4.9.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...
PT-2024-17608 · WordPress · Wp Base Booking Of Appointments
Name of the Vulnerable Software and Affected Versions: WP BASE Booking of Appointments, Services and Events plugin for WordPress versions up to, and including, 4.9.1 Description: The issue is related to Reflected Cross-Site Scripting via the status parameter due to insufficient input sanitization...
WordPress WP BASE Booking plugin <= 4.9.1 - Reflected Cross-Site Scripting via status Parameter vulnerability
Reflected Cross-Site Scripting via status Parameter vulnerability discovered by vgo0 in WordPress Plugin WP BASE Booking versions <= 4.9.1...
itsourcecode Farm Management System SQL Injection Vulnerability
itsourcecode Farm Management System is an open source farm management system from itsourcecode. A SQL injection vulnerability exists in itsourcecode Farm Management System version 1.0, which originates from SQL injection of parameters pigno/weight/arrived/breed/remark/status...