dingfanzu 安全漏洞

dingfanzu is a php based takeaway ordering website. A SQL injection vulnerability exists in dingfanzu v1.0, which stems from the application's lack of validation of externally entered SQL statements. A local attacker can exploit this vulnerability to execute arbitrary code via the contents of the...

PT-2025-4754 · Unknown · Dingfanzu Cms

Name of the Vulnerable Software and Affected Versions: dingfanzuCMS version 1.0 Description: The issue allows a local attacker to execute arbitrary code due to incorrect filtering of content at the checkOrder.php shopId module. This enables the attacker to perform SQL injection attacks...

DDSN Interactive cm3 Acora CMS 安全漏洞

DDSN Interactive cm3 Acora CMS is an enterprise web and mobile CMS from DDSN Interactive. A security vulnerability exists in DDSN Interactive cm3 Acora CMS version 10.1.1 that stems from the presence of a SQL injection vulnerability that allows an attacker to execute arbitrary code via the table...

CVE-2023-37931

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability CWE-88 in FortiVoice Entreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to perform a blind sql injection attack via sending crafted HTTP or HTTPS requests...

DEBIAN-CVE-2024-57644

An issue in the itchashcompare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2024-57623

An issue in the HEAPmalloc component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

UBUNTU-CVE-2024-57655

An issue in the dfeninorder component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

UBUNTU-CVE-2024-57647

An issue in the rowinsertcast component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

UBUNTU-CVE-2024-57646

An issue in the psiginfo component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

UBUNTU-CVE-2024-57653

An issue in the qstvecsetcopy component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

PT-2025-3485 · Monetdb · Monetdb Server

Name of the Vulnerable Software and Affected Versions: MonetDB Server version 11.47.11 Description: An issue in the bind col exp component allows attackers to cause a Denial of Service DoS via crafted SQL statements. Recommendations: For MonetDB Server version 11.47.11, consider disabling the bin...

Fortinet FortiPortal SQL注入漏洞

Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. Fortinet FortiPortal suffers from a SQL injection vulnerability that stems from improper...

Fortinet FortiWeb SQL注入漏洞

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, and other attacks to secure web applications and protect sensitive database content. A SQL injection vulnerability exists in...

CVE-2023-42243

In Selesta Visual Access Manager 4.42.2, an authenticated user can access the administrative page /common/vamSql.php, which allows for arbitrary SQL queries...

CVE-2023-42244

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...

CVE-2025-0410

A vulnerability classified as critical was found in liujianview gymxmjpa 1.0. This vulnerability affects the function MenberDaoInpl of the file src/main/java/com/liujian/gymxmjpa/controller/MenberConntroller.java. The manipulation of the argument hyname leads to sql injection. The attack can be...

MonetDB 安全漏洞

MonetDB is an open source column-oriented relational database management system from MonetDB Open Source. A security vulnerability exists in MonetDB version v11.47.11, which stems from an issue contained in the GDKanalyticalcorrelation component. An attacker exploiting this vulnerability could...

MonetDB 安全漏洞

MonetDB is an open source column-oriented relational database management system from MonetDB Open Source. A security vulnerability exists in MonetDB version v11.47.11, which stems from an issue contained in the atomgetint component. An attacker exploiting this vulnerability could cause a denial o...

MonetDB 安全漏洞

MonetDB is an open source column-oriented relational database management system from MonetDB Open Source. A security vulnerability exists in MonetDB version v11.49.1, which stems from an issue contained in the matjoin2 component. An attacker exploiting this vulnerability could cause a denial of...

Virtuoso Open-Source Edition 安全漏洞

Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment, and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.11, which...