
5736 matches found

Positive Technologies
added 2024/12/16 12:0 a.m. · 8 views

PT-2024-36624 · Unknown · Etemplates

Name of the Vulnerable Software and Affected Versions: eTemplates versions 0.2.1 and earlier Description: The issue is related to the improper neutralization of special elements used in an SQL command, allowing SQL injection. This problem can be exploited to inject SQL code, potentially leading t...

CVSS 9.3 · AI score 8.3 · EPSS 0.01169
Exploits: 1 · References: 6

Patchstack
added 2024/12/14 8:25 p.m. · 3 views

WordPress Service plugin <= 1.0.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Service versions <= 1.0.4...

CVSS 8.5 · AI score 8.1 · EPSS 0.0048
Exploits: 0 · Affected Software: 1

Patchstack
added 2024/12/14 8:4 p.m. · 3 views

WordPress TSB Occasion Editor plugin <= 1.2.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin TSB Occasion Editor versions <= 1.2.1...

CVSS 8.5 · AI score 8.1 · EPSS 0.00492
Exploits: 0 · Affected Software: 1

CNVD
added 2024/12/13 12:0 a.m. · 3 views

Dell Avamar SQL Injection Vulnerability (CNVD-2025-18249)

Dell Avamar is a data backup and recovery software. A SQL injection vulnerability exists in Dell Avamar. The vulnerability stems from a lack of proper neutralization of specific elements used in SQL commands. An attacker could exploit the vulnerability to execute commands...

CVSS 8.8 · AI score 8.1 · EPSS 0.00626
Exploits: 0 · References: 1

CNVD
added 2024/12/13 12:0 a.m. · 1 view

Online Class and Exam Scheduling System class_update.php File SQL Injection Vulnerability

Online Class and Exam Scheduling System is an online class and exam scheduling system. The Online Class and Exam Scheduling System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the id parameter of the classupdate.php page. ...

CVSS 8.8 · AI score 8.3 · EPSS 0.00507
Exploits: 1 · References: 1

BDU FSTEC
added 2024/12/12 12:0 a.m. · 4 views

The vulnerability of the DeviceManager component in the Visteon Infotainment automotive application platform allows a hacker to execute arbitrary SQL code within the root context.

The vulnerability of the DeviceManager component in the Visteon Infotainment automotive application platform relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL code within the root context...

CVSS 7.2 · AI score 7.6 · EPSS 0.00564
Exploits: 0 · References: 5 · Affected Software: 2

CNNVD
added 2024/12/12 12:0 a.m. · 2 views

wetech-cms injection vulnerability

wetech-cms is a content management system by Cheng Jinbao, an individual developer. An injection vulnerability exists in wetech-cms version 1.0 to 1.2, which is prone to SQL injection attacks...

CVSS 8.8 · AI score 7 · EPSS 0.00561
Exploits: 1 · References: 4

Positive Technologies
added 2024/12/12 12:0 a.m. · 7 views

PT-2024-16986 · WordPress · Sql Chart Builder

Name of the Vulnerable Software and Affected Versions: SQL Chart Builder plugin for WordPress versions up to, and including, 2.3.6 Description: The issue arises from insufficient escaping on the user-supplied arg1 parameter and lack of sufficient preparation on the existing SQL query in the gvn...

CVSS 6.5 · AI score 7.2 · EPSS 0.0052
Exploits: 0 · References: 5

CNNVD
added 2024/12/12 12:0 a.m. · 4 views

Image Access Scan2Net security vulnerability

Image Access Scan2Net is a scanning software from Image Access Germany. A security vulnerability exists in Image Access Scan2Net versions 7.40 and earlier, 7.42 and earlier, and 7.42B and earlier, which originates from an authenticated attacker who can perform SQL injection by accessing the...

CVSS 4.4 · AI score 7.7 · EPSS 0.00284
Exploits: 0 · References: 2

CNNVD
added 2024/12/12 12:0 a.m. · 3 views

wetech-cms injection vulnerability

wetech-cms is a content management system by Cheng Jinbao, an individual developer. An injection vulnerability exists in wetech-cms version 1.0 to 1.2, which is prone to SQL injection attacks...

CVSS 8.8 · AI score 7 · EPSS 0.00524
Exploits: 1 · References: 4

CNNVD
added 2024/12/12 12:0 a.m. · 3 views

XWiki Platform security vulnerability

XWiki Platform is the XWiki open source suite of wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform versions 11.10.6 through 14.3-rc-1, which originates in getdocument.vm, where the order in which documents are returned is defined from th...

CVSS 9.8 · AI score 6.4 · EPSS 0.00717
Exploits: 0 · References: 3

CNNVD
added 2024/12/12 12:0 a.m. · 4 views

WordPress plugin AI Engine security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 7.2 · AI score 8.7 · EPSS 0.00584
Exploits: 1 · References: 1

CNNVD
added 2024/12/12 12:0 a.m. · 5 views

code-projects Online Class and Exam Scheduling System injection vulnerability

Code-Projects Online Class and Exam Scheduling System is an online class and exam scheduling system from Code-Projects, Inc. An injection vulnerability exists in code-projects Online Class and Exam Scheduling System version 1.0, which stems from the parameter id of the file /pages/rankupdate.php...

CVSS 8.8 · AI score 7.1 · EPSS 0.00534
Exploits: 1 · References: 5

Patchstack
added 2024/12/11 7:42 p.m. · 5 views

WordPress Hive Support plugin <= 1.1.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Hive Support versions <= 1.1.2...

CVSS 8.5 · AI score 8.1 · EPSS 0.0048
Exploits: 0 · Affected Software: 1

OSV
added 2024/12/10 11:15 a.m. · 5 views

CVE-2024-47484

Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. An unauthenticated attacker with remote access could potentially exploit this...

CVSS 9.8 · AI score 5.9
Exploits: 0 · References: 1

Positive Technologies
added 2024/12/10 12:0 a.m. · 4 views

PT-2024-32927 · Dell · Dell Avamar

Name of the Vulnerable Software and Affected Versions: Dell Avamar versions 19.x Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a SQL Injection vulnerability. This could allow a low-privileged attacker with remote access t...

CVSS 8.8 · AI score 8.2 · EPSS 0.00626
Exploits: 0 · References: 10

CNNVD
added 2024/12/10 12:0 a.m. · 3 views

Dell Avamar SQL injection vulnerability

Dell Avamar is a purpose-built backup application from Dell, Inc. It is designed to provide a conveniently sized, turnkey, affordable, deduplicated backup solution. Dell Avamar suffers from a SQL injection vulnerability that arises from an improper neutralization of special elements used in SQL...

CVSS 8.8 · AI score 8.2 · EPSS 0.00421
Exploits: 0 · References: 1

OSV
added 2024/12/09 7:15 p.m. · 5 views

CVE-2024-54932

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deletedepartment.php...

CVSS 9.8 · AI score 5.8 · EPSS 0.00486
Exploits: 1 · References: 1

CNNVD
added 2024/12/09 12:0 a.m. · 4 views

Kashipara E-learning Management System security vulnerability

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from an SQL injection vulnerability in /admin/deleteusers.php...

CVSS 7.2 · AI score 7.9 · EPSS 0.00465
Exploits: 1 · References: 1

CNNVD
added 2024/12/09 12:0 a.m. · 2 views

Kashipara E-learning Management System security vulnerability

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to gain unauthorized access to the database by executing arbitrary SQL commands via the...

CVSS 9.8 · AI score 7.7 · EPSS 0.00555
Exploits: 1 · References: 1