5736 matches found
Code-Projects Simple Admin Panel security vulnerability
Code-Projects Simple Admin Panel is a simple open source admin panel from Code-Projects. A security vulnerability exists in Code-Projects Simple Admin Panel version 1.0, which stems from a SQL injection vulnerability in the record parameter of the catDeleteController.php file...
1000 Projects Portfolio Management System MCA injection vulnerability
1000 Projects Portfolio Management System MCA is an open source portfolio management system from 1000 Projects. An injection vulnerability exists in 1000 Projects Portfolio Management System MCA version 1.0, which stems from a parameter q in the file /updateedudetails.php that can lead to SQL...
The vulnerability of the PUT Request Handler component in the Apache Traffic Control system, a component used in building CDN networks, allows attackers to execute arbitrary code.
The vulnerability of the PUT Request Handler component in the Apache Traffic Control system for building CDN networks is related to the lack of measures taken to protect the SQL request structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing...
Codezips Project Management System injection vulnerability
Codezips Project Management System is a project management system that provides project management, task assignment and other features. A SQL injection vulnerability exists in the /pages/forms/advanced.php file in Codezips Project Management System version 1.0, which stems from insufficient...
PT-2024-36674 · Vibebp · Vibebp
Name of the Vulnerable Software and Affected Versions: VibeBP versions prior to 1.9.9.7.7 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: For...
Code-Projects Online Exam Mastering System injection vulnerability
Code-Projects Online Exam Mastering System is a Code-Projects open source online exam system. An injection vulnerability exists in code-projects Online Exam Mastering System version 1.0, which is caused by an SQL injection into the parameter eid...
Online Class and Exam Scheduling System subject_update.php File SQL Injection Vulnerability
Online Class and Exam Scheduling System is an online class and exam scheduling system. The Online Class and Exam Scheduling System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter id of file...
CVE-2024-10244
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ISDO Software Web Software allows SQL Injection. This issue affects Web Software: before 3.6...
PT-2024-17734
Name of the Vulnerable Software and Affected Versions: itsourcecode Vehicle Management System version 1.0 Description: A critical issue has been found in the itsourcecode Vehicle Management System, affecting an unknown function of the file editbill.php. The manipulation of the id argument leads to...
1000 Projects Attendance Tracking Management System injection vulnerability
1000 Projects Attendance Tracking Management System is an open source attendance management system from 1000 Projects. An injection vulnerability exists in 1000 Projects Attendance Tracking Management System version 1.0, which originates from an SQL injection vulnerability in the studentemailid...
PT-2024-17738 · Unknown · Codezips Technical Discussion Forum
Name of the Vulnerable Software and Affected Versions: Codezips Technical Discussion Forum version 1.0 Description: A critical issue affects some unknown functionality of the file signinpost.php. The manipulation of the username argument leads to SQL injection. The attack may be launched remotely...
PT-2024-17343 · WordPress · The Travel Booking WordPress Theme
Name of the Vulnerable Software and Affected Versions: The Travel Booking WordPress Theme versions up to, and including, 3.1.6 Description: The issue is a blind time-based SQL Injection vulnerability. It affects the order id parameter due to insufficient escaping on the user-supplied parameter an...
Mobil365 Informatics Saha365 SQL injection vulnerability
Mobil365 Informatics Saha365 is an application from Mobil365 Informatics, Inc. Mobil365 Informatics Saha365 suffers from a SQL injection vulnerability that stems from an improper neutralization of a special element...
PT-2024-39346 · Unknown · Saha365 App
Name of the Vulnerable Software and Affected Versions: Saha365 App versions prior to 30.09.2024 Description: The issue is related to the improper neutralization of special elements used in an SQL command, allowing SQL injection. This problem affects the Saha365 App. Recommendations: For versions...
WordPress plugin Instant Appointment SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
WordPress plugin Mimoos SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
PT-2024-36628 · Unknown · Site Intel
Name of the Vulnerable Software and Affected Versions: Critical Site Intel versions n/a through 1.0 Description: The issue is related to an improper neutralization of special elements used in an SQL command, also known as 'SQL Injection'. This allows for SQL Injection, which can be exploited...
The vulnerability of the WhatsUp Gold network infrastructure monitoring system lies in the lack of protective measures for the SQL query structure, allowing attackers to gain unauthorized access to user data.
The vulnerability of the WhatsUp Gold network infrastructure monitoring system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to user accounts...
The vulnerability in the web interface of the Cisco Secure Firewall Management Center software for network administration allows a perpetrator to execute arbitrary SQL code.
The vulnerability of the Web interface for managing Cisco Secure Firewall Management Center software formerly known as Cisco Firepower Management Center is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute...
PT-2024-36639 · Unknown · Serviceonline Service
Name of the Vulnerable Software and Affected Versions: serviceonline Service versions n/a through 1.0.4 Description: The issue is related to an 'SQL Injection' vulnerability, specifically improper neutralization of special elements used in an SQL command, allowing Blind SQL Injection. This proble...