
5736 matches found

CNNVD
added 2025/03/17 12:0 a.m. | 1 view

Code-Projects Blood Bank Management System injection vulnerability

Code-Projects Blood Bank Management System is an open source blood bank management system from Code-Projects. An injection vulnerability exists in Code-Projects Blood Bank Management System version 1.0, which originates from an SQL injection...

CVSS 7.2 | AI score 5.9 | EPSS 0.00458
Exploits: 1 | References: 6
BDU FSTEC
added 2025/03/17 12:0 a.m. | 7 views

The vulnerability of the FortiWeb web applications’ network interface filter component allows attackers to execute arbitrary commands.

The vulnerability of the log removal filter component in FortiWeb web applications is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary commands...

CVSS 4 | AI score 6 | EPSS 0.00388
Exploits: 0 | References: 3 | Affected Software: 1
CNNVD
added 2025/03/17 12:0 a.m. | 3 views

PHPGurukul Apartment Visitors Management System security vulnerability

Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a SQL injection vulnerability that stems from the lack of validation of an externally entered SQL statement for the parameter username. An attacker can exploit this...

CVSS 9.8 | AI score 7.9 | EPSS 0.00487
Exploits: 1 | References: 2
CNNVD
added 2025/03/17 12:0 a.m. | 2 views

PHPGurukul Human Metapneumovirus Testing Management System injection vulnerability

Human Metapneumovirus Testing Management System is a human metapneumovirus testing management system. A SQL injection vulnerability exists in the Human Metapneumovirus Testing Management System due to a lack of validation of an externally-entered SQL statement in the parameter username in the...

CVSS 9.8 | AI score 7.8 | EPSS 0.00487
Exploits: 1 | References: 6
CNNVD
added 2025/03/17 12:0 a.m. | 3 views

Code-Projects Online Class and Exam Scheduling System injection vulnerability

Code-Projects Online Class and Exam Scheduling System is an open source online class and exam scheduling system from Code-Projects. An injection vulnerability exists in Code-Projects Online Class and Exam Scheduling System version 1.0, which stems from an incorrect manipulation of the parameter i...

CVSS 7.2 | AI score 5.8 | EPSS 0.00458
Exploits: 1 | References: 6
CNNVD
added 2025/03/17 12:0 a.m. | 4 views

Code-Projects Online Class and Exam Scheduling System security vulnerability

Code-Projects Online Class and Exam Scheduling System is an open source online class and exam scheduling system from Code-Projects. A security vulnerability exists in Code-Projects Online Class and Exam Scheduling System version 1.0, which stems from an incorrect manipulation of the parameters...

CVSS 5.5 | AI score 7.4 | EPSS 0.00216
Exploits: 1 | References: 2
OSV
added 2025/03/14 4:15 p.m. | 2 views

CVE-2022-29059

An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 in FortiWeb version 7.0.1 and below, 6.4.2 and below, 6.3.20 and below, 6.2.7 and below may allow a privileged attacker to execute SQL commands over the log database via specifically crafted...

CVSS 7.2 | AI score 5.9 | EPSS 0.00388
Exploits: 0 | References: 1
CNNVD
added 2025/03/14 12:0 a.m. | 0 views

LogicalDOC SQL injection vulnerability

LogicalDOC is a document management system developed in Java by the US company LogicalDOC. The system has features such as Lucene full-text search indexing and automatic import. A security vulnerability exists in LogicalDOC that stems from the login function containin...

CVSS 8.7 | AI score 7.6 | EPSS 0.00349
Exploits: 0 | References: 2
CNVD
added 2025/03/13 12:0 a.m. | 3 views

Restaurant Table Booking System username/mobileno Parameter SQL Injection Vulnerability

Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter username/mobileno in the...

CVSS 9.8 | AI score 8.2 | EPSS 0.00487
Exploits: 1 | References: 1
CNVD
added 2025/03/11 12:0 a.m. | 2 views

Restaurant Table Booking System /admin/check_availability.php File SQL Injection Vulnerability

Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that originates from an incorrect operation of the parameter username in the /admin/check_availability.php file, which can lead to SQL injection. An...

CVSS 9.8 | AI score 8.1 | EPSS 0.00559
Exploits: 1 | References: 1
OSV
added 2025/03/09 11:15 p.m. | 3 views

CVE-2025-2132

A vulnerability classified as critical has been found in ftcms 2.1. Affected is an unknown function of the file /admin/index.php/web/ajaxalllists of the component Search. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

CVSS 7.2 | AI score 5.6 | EPSS 0.00407
Exploits: 1 | References: 4
CNNVD
added 2025/03/09 12:0 a.m. | 1 view

ftcms injection vulnerability

ftcms is a content management system from ftcms Inc. An injection vulnerability exists in ftcms version 2.1, which stems from the fact that incorrect manipulation of the parameter name can lead to SQL injection...

CVSS 7.2 | AI score 5.7 | EPSS 0.00407
Exploits: 1 | References: 6
CNNVD
added 2025/03/09 12:0 a.m. | 2 views

AT Software Solutions ATSVD injection vulnerability

AT Software Solutions ATSVD is an application from the Brazilian company AT Software Solutions. An injection vulnerability exists in AT Software Solutions ATSVD version 3.4.1 and earlier, which stems from an incorrect manipulation of the parameter txtCPF that can lead to SQL injection...

CVSS 9.8 | AI score 7.9 | EPSS 0.00527
Exploits: 1 | References: 6
Patchstack
added 2025/03/07 9:39 a.m. | 5 views

WordPress School Management System for Wordpress plugin <= 92.0.0 - Authenticated (Subscriber+) SQL Injection via 'mj_smgt_show_event_task' vulnerability

Authenticated Subscriber+ SQL Injection via 'mj_smgt_show_event_task' vulnerability discovered by shaman0x01 in WordPress Plugin School Management versions <= 92.0.0...

CVSS 6.5 | AI score 8.1 | EPSS 0.00313
Exploits: 0 | References: 1 | Affected Software: 1
CNNVD
added 2025/03/07 12:0 a.m. | 3 views

Projectworlds Life Insurance Management System injection vulnerability

Projectworlds Life Insurance Management System is a life insurance management system from Projectworlds India. An injection vulnerability exists in Projectworlds Life Insurance Management System version 1.0, which stems from improper manipulation of the key parameter and could lead to an SQL...

CVSS 9.8 | AI score 7.8 | EPSS 0.00481
Exploits: 1 | References: 6
CNNVD
added 2025/03/07 12:0 a.m. | 3 views

PHPGurukul Emergency Ambulance Hiring Portal injection vulnerability

Emergency Ambulance Hiring Portal is an emergency ambulance hiring portal. Emergency Ambulance Hiring Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the contactnumber parameter of the /admin/admin-profile.php file. An...

CVSS 9.8 | AI score 8.2 | EPSS 0.00481
Exploits: 1 | References: 7
ATTACKERKB
added 2025/03/05 2:15 p.m. | 5 views

CVE-2024-13147

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Merkur Software B2B Login Panel allows SQL Injection. This issue affects B2B Login Panel: before 15.01.2025...

CVSS 9.8 | AI score 5.8 | EPSS 0.00377
Exploits: 0 | References: 3
ATTACKERKB
added 2025/03/05 2:15 p.m. | 3 views

CVE-2024-12097

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Boceksoft Informatics E-Travel allows SQL Injection. This issue affects E-Travel: before 15.12.2024...

CVSS 9.8 | AI score 5.8 | EPSS 0.00377
Exploits: 0 | References: 3
BDU FSTEC
added 2025/03/05 12:0 a.m. | 4 views

The vulnerability of the IBM Engineering Lifecycle Optimization - Publishing software lies in the lack of protective measures for the SQL query structure, allowing attackers to gain unauthorized access to protected information.

The vulnerability of IBM Engineering Lifecycle Optimization - Publishing software relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS 7.5 | AI score 5.6 | EPSS 0.00303
Exploits: 0 | References: 2 | Affected Software: 1
CNNVD
added 2025/03/05 12:0 a.m. | 3 views

WordPress plugin Hero Mega Menu SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVSS 6.5 | AI score 8.2 | EPSS 0.00321
Exploits: 0 | References: 3