CVE-2024-10447

A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. Affected by this vulnerability is an unknown functionality of the file /timetable/staff/staffdashboard.php?info=updateprofile. The manipulation of the argument n leads to sql injection. The attack...

CVE-2024-9011

A vulnerability, which was classified as critical, was found in code-projects Crud Operation System 1.0. Affected is an unknown function of the file updata.php. The manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...

CVE-2024-9090

A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file searchmember.php. The manipulation of the argument searchMember leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2024-10656

A vulnerability was found in Tongda OA 2017 up to 11.9. It has been rated as critical. This issue affects some unknown processing of the file /pda/meeting/apply.php. The manipulation of the argument mrid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed ...

CVE-2024-48177

MRCMS 3.1.2 contains a SQL injection vulnerability via the RID parameter in /admin/article/delete.do...

CVE-2023-0758

A vulnerability was found in glorylion JFinalOA 1.0.2 and classified as critical. This issue affects some unknown processing of the file src/main/java/com/pointlion/mvc/common/model/SysOrg.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The...

CVE-2023-0771

SQL Injection in GitHub repository ampache/ampache prior to 5.5.7,develop...

CVE-2023-26440

The cacheservice API could be abused to indirectly inject parameters with SQL syntax which was insufficiently sanitized and would later be executed when creating new cache groups. Attackers with access to a local or restricted network could perform arbitrary SQL queries. We have improved the inpu...

CVE-2023-35071

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in MRV Tech Logging Administration Panel allows SQL Injection. This issue affects Logging Administration Panel: before 20230915...

CVE-2023-25684

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 247597...

CVE-2023-34976

A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 2023/07/27 and later...

CVE-2023-30016

SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via subeventid parameter in subeventdetailsedit.php...

CVE-2023-38382

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows SQL Injection.This issue affects Subscribe to Category: from n/a through 2.7.4...

CVE-2023-24199

Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at deleteticket.php...

CVE-2023-23758

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability allows SQL Injection...

CVE-2023-23331

Amano Xoffice parking solutions 7.1.3879 is vulnerable to SQL Injection...

CVE-2023-23563

An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to obtain sensitive database content via SQL Injection...

CVE-2023-2075

A vulnerability classified as critical has been found in Campcodes Online Traffic Offense Management System 1.0. This affects an unknown part of the file /admin/offenses/viewdetails.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. Th...

CVE-2023-1495

A vulnerability classified as critical was found in Rebuild up to 3.2.3. Affected by this vulnerability is the function queryListOfConfig of the file /admin/robot/approval/list. The manipulation of the argument q leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2023-1040

A vulnerability, which was classified as critical, has been found in SourceCodester Online Graduate Tracer System 1.0. Affected by this issue is some unknown functionality of the file tracking/admin/addacc.php. The manipulation of the argument id leads to sql injection. The attack may be launched...