Simple Student Quarterly Result/Grade System SQL注入漏洞

Simple Student Quarterly Result/Grade System is a student quarterly grade management system from the individual developer Carlo Montero. A security vulnerability exists in Simple Student Quarterly Result/Grade System version 1.0, which stems from an SQL injection vulnerability...

School Dormitory Management System SQL注入漏洞

School Dormitory Management System is a school dormitory management system. SQL injection vulnerability exists in School Dormitory Management System v1.0, which originates from /dms/admin/reports/dailycollection The report.php parameter lacks validation for external input SQL statements. An...

HMS SQL注入漏洞

HMS is a computer or web-based hospital management system. version 1.0 of HMS is vulnerable to SQL injection, which stems from the presence of multiple parameters that can lead to SQL injection when requesting appointment.php using the POST method. An attacker could use this vulnerability to obta...

Hospital Management System SQL注入漏洞

Hospital Management System HMS is a computer system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. hospital Management System v1.0 is vulnerable to SQL injection, which can be exploited by attackers via the SQL injection via the deli...

CVE-2022-29986

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=deletefacility...

Insurance Management System SQL注入漏洞

Insurance Management System is an insurance management system from the personal developer Angel Jude Reyes Suarez. Insurance Management System 1.0 is vulnerable to SQL injection, which could be exploited by attackers to obtain information about data in the target system...

CVE-2021-43010

In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. Attackers can bypass access to sensitive data...

WordPress plugin RSVPMaker SQL注入漏洞

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. RSVPMaker is an event scheduling and RSVP tracking plugin used in WordPress RSVPMaker plugin 9.2.5 and earlier versions are vulnerable to SQL injection, which stems from a lack of SQL escaping and...

CVE-2022-1371

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in ReadRegf. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

Asterisk SQL注入漏洞

Asterisk is a PBX system software that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols.Asterisk suffers from a SQL injection vulnerability that can be exploited by attackers to cause user-supplied data to create corrupt SQL queries or possibly SQL injections...

xiaohuanxiong CMS SQL注入漏洞

xiaohuanxiong is an open source comic CMS by guoguo individual developers. xiaohuanxiong version 1.0 is vulnerable to SQL injection, which originates from the id parameter in /app/controller/Books.php. No detailed vulnerability details are available...

CVE-2022-25488

Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php...

Cybonet PineApp Mail Secure SQL注入漏洞

Cybonet PineApp Mail Secure is Cybonet Israel's solution for blocking most malicious email threats at the network perimeter, while providing a range of additional options for comprehensive security and messaging control.Cybonet PineApp Mail Relay is vulnerable to a SQL injection vulnerability tha...

TSG Tokheim Profleet DiaLOG Fuel Management System SQL注入漏洞

TSG Tokheim Profleet DiaLOG Fuel Management System is a fuel management system from TSG UK.A SQL injection vulnerability exists in TSG Tokheim Profleet DiaLOG Fuel Management System, which can be exploited by attackers to cause remote code execution as root user...

CVE-2021-46308

An SQL Injection vulnerability exists in Sourcecodester Online Railway Reservation Sysytem 1.0 via the sid parameter...

WordPress plugin SQL注入漏洞

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.The WordPress Download Monitor Plugin has a SQL injection vulnerability in versions prior to 4.4.5, which stems from the use...

The vulnerability of the “description_filter” parameter in the group_list component of the Advantech R-SeeNet monitoring software for routers, related to incorrect validation of input data, allows a hacker to execute arbitrary SQL queries.

The vulnerability of the “descriptionfilter” parameter in the grouplist component of the Advantech R-SeeNet monitoring software for routers is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL...

ZZCMS SQL注入漏洞

ZZCMS is a content management system CMS from the Zzcms team in China. zzcms is vulnerable to SQL injection, which allows an attacker to use the id parameter in admin/bad.php with a lack of validation for external input SQL statements. An attacker can use the vulnerability to execute illegal SQL...

Advantech R-SeeNet SQL注入漏洞

Advantech R-SeeNet is an industrial monitoring software from Advantech Taiwan. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.Advantech R-SeeNet is vulnerable to a SQL injection vulnerability due to insufficient cleaning of...

Simple Subscription Website SQL注入漏洞

Simple Subscription Website is a web-based application. SourceCodester Simple Subscription Website 1.0 is vulnerable to SQL injection, which can be exploited by attackers to perform SQL injection via login...