5734 matches found
CampCodes Courier Management System Injection Vulnerability
CampCodes Courier Management System is a courier management system from CampCodes Philippines. An injection vulnerability exists in Campcodes Courier Management System version 1.0, which originates from an SQL injection caused by the parameter ID in the file /editparcel.php...
WeGIA SQL Injection Vulnerability (CNVD-2025-17268)
WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the /html/funcionario/profiledependente.php endpoint iddependente parameter. An attacker could exploit this...
WeGIA SQL Injection Vulnerability (CNVD-2025-17264)
WeGIA is a web manager for welfare organizations from the individual developer Nilson Lazarin. WeGIA suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the /html/funcionario/dependenteeditarEndereco.php endpoint...
Online Appointment Booking System addmanagerclinic.php File SQL Injection Vulnerability
Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter clinic in the file /admin/addmanagerclinic.php...
WordPress Traveler plugin SQL Injection Vulnerability
WordPress Traveler plugin is a WordPress plugin designed for the travel industry, mainly used to create travel and trekking websites, support online booking system, itinerary management and other features. WordPress Traveler plugin suffers from a SQL injection vulnerability that stems from the...
WeGIA SQL Injection Vulnerability (CNVD-2025-17261)
WeGIA is a web manager for welfare organizations. WeGIA suffers from an SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter cargo in the /controle/control.php endpoint. An attacker can exploit this vulnerability to execute illeg...
CloudClassroom-PHP-Project Security Vulnerability
CloudClassroom-PHP-Project is a cloud classroom website by the individual developer Vishal Mathur. A security vulnerability exists in CloudClassroom-PHP-Project version 1.0, which stems from an unvalidated viewid parameter that could lead to SQL injection...
itsourcecode Insurance Management System Security Vulnerability
itsourcecode Insurance Management System is an insurance management system from itsourcecode open source. A security vulnerability exists in version 1.0 of itsourcecode Insurance Management System, which is caused by a SQL injection due to incorrect manipulation of the agentid parameter in the fi...
Online Appointment Booking System deletedoctorclinic.php File SQL Injection Vulnerability
Online Appointment Booking System is an online appointment booking system. Online Appointment Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter clinic in the file /admin/deletedoctorclinic.ph...
XWiki Platform SQL Injection Vulnerability
XWiki Platform is XWiki's open source suite of Wiki platforms for creating web collaboration applications. A SQL injection vulnerability exists in XWiki Platform versions 9.4-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2, which stems from a misbehavior of the parameter sort in...
Bayraktar Solar Energies ScadaWatt Otopilot SQL Injection Vulnerability
Bayraktar Solar Energies ScadaWatt Otopilot is a solar power system monitoring and automation control product from Bayraktar Solar Energies, Turkey. A SQL injection vulnerability exists in Bayraktar Solar Energies ScadaWatt Otopilot, which stems from improper neutralization of a special element a...
Vulnerability of the NetworkServlet.archiveTrapRange() function in the system for centrally managing network devices and ports of Advantech iView. This vulnerability allows an attacker to execute arbitrary code.
The vulnerability of the NetworkServlet.archiveTrapRange function in the system for managing network devices and ports of Advantech iView is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of the network management system for monitoring industrial networks in Siemens SINEC NMS lies in the lack of measures taken to protect the SQL query structure. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Siemens SINEC NMS network management system for monitoring industrial networks is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibili...
WordPress Torod SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. WordPress Torod suffers from a SQL injection vulnerability that stems from improper handling of special elements of SQL commands, which can be exploited by an attacker to...
DJ-Extensions DJ-Flyer SQL Injection Vulnerability
DJ-Extensions DJ-Flyer is a showcase project or service profile extension from DJ-Extensions, Inc. A SQL injection vulnerability exists in DJ-Extensions DJ-Flyer versions 1.0-3.2, which stems from a SQL injection vulnerability that could lead to the execution of arbitrary SQL commands...
DB-GPT SQL Injection Vulnerability
DB-GPT is an AWEL and agent-based AI native data application development framework open-sourced by eosphoros. A security vulnerability exists in DB-GPT version 0.7.0, which stems from editorsqlrun and queryex being susceptible to SQL injection attacks that could lead to the execution of arbitrary...
CVE-2025-7933
A vulnerability classified as critical was found in Campcodes Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /pages/settingsupdate.php of the component Setting Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated...
Library System add-student.php File SQL Injection Vulnerability
Library System is a library system. The Library System suffers from a SQL injection vulnerability that stems from the lack of validation of the parameter Username in the file /add-student.php for externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL...
Hospital Management System view-medhistory.php File SQL Injection Vulnerability
Hospital Management System is a PHP and MySQL based hospital management system. Hospital Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter viewid in the file view-medhistory.php. An attack...
Zoo Management System /admin/add-animals.php File SQL Injection Vulnerability
Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cnum in the file /admin/add-animals.php. An attacker can exploit this vulnerability ...