The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of Native Client components in the Microsoft SQL Server database management system is related to numerical truncation errors. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ChurchCRM 安全漏洞

ChurchCRM is an open source CRM system built for churches by ChurchCRM Open Source. A security vulnerability exists in ChurchCRM version 5.7.0 that originates from parameters being inserted directly into SQL queries without proper cleanup or validation. An attacker can exploit this vulnerability ...

PT-2024-38034 · Teknogis Informatics · Teknogis Informatics Closed Circuit Vehicle Tracking

Name of the Vulnerable Software and Affected Versions: Teknogis Informatics Closed Circuit Vehicle Tracking Software versions through 21.11.2024 Description: The issue is related to improper neutralization of special elements used in an SQL command, allowing SQL Injection and Blind SQL Injection...

WordPress plugin Tutor LMS SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

PT-2024-35408 · Sourcecodester · Sourcecodester Sentiment Based Movie Rating System

Name of the Vulnerable Software and Affected Versions: SourceCodester Sentiment Based Movie Rating System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /msrps/movies.php endpoint. This allows an attacker to remotely manipulate database queries. Recommendations:...

CVE-2024-11245

A vulnerability, which was classified as critical, has been found in code-projects Farmacia 1.0. This issue affects some unknown processing of the file /editar-produto.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been...

JeeWMS 注入漏洞

JeeWMS is JeeWMS open source a JAVA-based warehouse management system . JeeWMS 20241108 and earlier versions have an injection vulnerability that stems from the parameter begindate in the file cgReportController.do can lead to SQL injection...

The vulnerability of the Fortinet FortiManager software, which is used for centralized device management, and the Fortinet FortiAnalyzer software, which is used for event monitoring and analysis, stems from improper validation of input data. This vulnerability allows an attacker to gain access to information about the file system.

The vulnerability of the Fortinet FortiManager software, which is used for centralized device management, and the Fortinet FortiAnalyzer software, which is used for event monitoring and analysis, is related to improper validation of input data. Exploiting this vulnerability can allow attackers to...

Ivanti Endpoint Manager SQL Injection Vulnerability (CNVD-2025-28685)

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. An SQL injection vulnerability exists in Ivanti Endpoint...

Ivanti Endpoint Manager SQL Injection Vulnerability (CNVD-2025-28688)

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. Ivanti Endpoint Manager suffers from a SQL injection...

Ivanti Endpoint Manager SQL Injection Vulnerability (CNVD-2025-28690)

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. Ivanti Endpoint Manager suffers from a SQL injection...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which is caused by an SQL injection in the parameter schoolyear...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which is caused by an SQL injection in the parameter classname...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara Inc. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which originates from SQL injection of the parameters cys, un, ln, fn, and id...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which is caused by an SQL injection in the parameter subjectcode...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which is caused by an SQL injection in the parameter classname...

CVE-2024-32839

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution...