851 matches found
PT-2023-15127 · Tuzicms · Tuzicms
Name of the Vulnerable Software and Affected Versions: Tuzicms version 2.0.6 Description: A SQL injection issue was found in the UserController.class.php component, located in AppManageController. Recommendations: For Tuzicms version 2.0.6, update to a newer version that contains a fix for this...
PT-2023-10002 · Unknown · Bricco Authenticator Plugin
Name of the Vulnerable Software and Affected Versions: Bricco Authenticator Plugin versions prior to 1.39 Description: A critical issue was found in the Bricco Authenticator Plugin, affecting the authenticate/compare function of the DBAuthenticator.java file. This issue leads to SQL injection...
CVE-2022-46955
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=savequeue...
PT-2023-16141 · Sourcecodester · Online Flight Booking Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Flight Booking Management System affected versions not specified Description: A critical issue has been discovered, affecting the file review search.php, specifically the POST Parameter Handler component. The manipulatio...
Lead Management System SQL Injection Vulnerability
Lead Management System is a lead management system developed by Mayuri K. Lead Management System v1.0 is vulnerable to SQL injection, which stems from the lack of validation of externally supplied input used in SQL statements in the userid parameter of changePassword.php. An attacker could use this...
pplv2 SQL Injection Vulnerability
pplv2 is an application by Gokul Srinivas, an individual developer. A SQL injection vulnerability exists in pplv2. An attacker could exploit this vulnerability to perform a SQL injection attack...
CVE-2022-46763
A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code...
WordPress Plugin Contest Gallery SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
PT-2022-7106 · Ibm · Ibm Navigator For I
Name of the Vulnerable Software and Affected Versions: IBM Navigator for i versions 7.3 through 7.5 Description: The issue is related to the lack of protection for the SQL query structure in the IBM Navigator graphical interface of the IBM i operating system. This could allow a remote attacker to...
CVE-2021-31650
A SQL injection vulnerability in Sourcecodester Online Grading System 1.0 allows remote attackers to execute arbitrary SQL commands via the uname parameter...
CVE-2022-20517
In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
CVE-2022-46072
Helmet Store Showroom v1.0 vulnerable to unauthenticated SQL Injection...
Canteen Management System SQL Injection Vulnerability
Canteen Management System is a cafeteria management system by Mayuri K., an individual developer. A security vulnerability exists in Canteen Management System that stems from incorrect handling of the customerid parameter, resulting in SQL injection...
PT-2022-27113 · Boa · Boa
Name of the Vulnerable Software and Affected Versions: Boa version 0.94.14rc21 Description: The issue concerns SQL Injection via the username variable. However, it is noted that this vulnerability is disputed by multiple third parties because Boa does not ship with any support for SQL...
CVE-2022-39180
College Management System v1.0 - SQL Injection SQLi. By inserting SQL commands to the username and password fields in the login.php page...
HHIMS SQL Injection Vulnerability
HHIMS is a free, open source software system from the individual developers at TSRuban. It is used to store and retrieve simple patient medical records. HHIMS suffers from a SQL injection vulnerability that originates from an unknown function in the scenegraph/svgattributes.c file of the SVG Pars...
Online Diagnostic Lab Management System SQL Injection Vulnerability
Online Diagnostic Lab Management System is an online diagnostic lab management system. A security vulnerability exists in Online Diagnostic Lab Management System v1.0, which was discovered to contain an SQL injection vulnerability via the id parameter on /odlms//classes/Master.php?f=deleteactivit...
Canteen Management System SQL Injection Vulnerability
Canteen Management System is a cafeteria management system by Mayuri K., an individual developer. A SQL injection vulnerability exists in Canteen Management System version 1.0, which stems from the userid parameter of /phpaction/fetchOrderData.php being susceptible to SQL injection...
Online Medicine Ordering System Security Vulnerability
Online Medicine Ordering System is an online medicine ordering system by Carlo Montero, an individual developer. A security vulnerability exists in version 1.0 of the Online Medicine Ordering System due to an unknown function in its admin/?page=orders/vieworder file that operates on the parameter...
SourceCodester Food Ordering Management System Security Vulnerability
Food Ordering Management System is a food ordering management system by Carlo Montero, an individual developer. The Food Ordering Management System is vulnerable to SQL injection, which stems from the lack of validation of the externally supplied username input used in SQL statements, and can be exploited by attackers...