Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method ActivateProject, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method UpdateProjectUserRights, which can be exploited by an attacker to bypass authorization...

PT-2025-16832 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the UnlockBufferingSettings method, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method UpdateGeneralSettings, which can be exploited by an attacker to bypass authorization...

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method LockDatabaseSettings, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, ImportConnectionVariables, which can be exploited by an attacker to bypass authorization...

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from the internally used 'LockProject' method. An attacker could exploit the vulnerability to cause bypass of...

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that can be exploited by an attacker to cause remote code execution...

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the GetLogs method, which can be exploited by an attacker to bypass authorization contro...

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from the internally used 'UnlockProject' method. An attacker could exploit the vulnerability to cause bypass of...

SicommNet BASEC 安全漏洞

SicommNet BASEC is an agent solution from SicommNet, Inc. A security vulnerability exists in SicommNet BASEC that stems from a SQL injection issue on the login page, which could lead to bypassing authentication and executing arbitrary SQL commands...

WordPress plugin Accessibility Suite by Online ADA SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

PT-2025-15931 · Unknown · Aaronfrey Nearby Locations

Name of the Vulnerable Software and Affected Versions: aaronfrey Nearby Locations versions n/a through 1.1.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

The vulnerability of the ZimbraSyncService service in the corporate email management system, Zimbra Collaboration Suite, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the ZimbraSyncService service in the Zimbra Collaboration Suite enterprise email management system exists due to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access t...

CVE-2025-29390

jerryhanjj ERP 1.0 is vulnerable to SQL Injection in the setpassword function in application/controllers/home.php...

Bus Pass Management System view-pass-detail.php File SQL Injection Vulnerability

Bus Pass Management System is a bus pass management system. Bus Pass Management System suffers from a SQL injection vulnerability that originates from a missing validation of an externally entered SQL statement in the viewid parameter of the view-pass-detail.php file. An attacker can exploit this...

Patient Record Management System xray_print.php File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from a missing validation of externally entered SQL statements in the parameter itrno of the xrayprint.php file. The vulnerability ca...

e-Diary Management System login.php File SQL Injection Vulnerability

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the logindetail parameter of the login.php file. An attacker can...

e-Diary Management System edit-category.php File SQL Injection Vulnerability

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the Category parameter of the edit-category.php?id=8 file. An attacker ca...