5735 matches found

CNNVD
added 2024/10/24 12:0 a.m. · 1 view

WordPress plugin Product Filter by WBW SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVSS 7.6 · AI score 7.8 · EPSS 0.00406
Exploits: 0 · References: 1
CNNVD
added 2024/10/24 12:0 a.m. · 2 views

SourceCodeHero Clothes Recommendation System SQL injection vulnerability

SourceCodeHero Clothes Recommendation System is a SourceCodeHero open source clothing recommendation system. SourceCodeHero Clothes Recommendation System version 1.0 suffers from a SQL injection vulnerability, which originates from the parameter t1 in the file /admin/index.php of the component...

CVSS 9.8 · AI score 7.8 · EPSS 0.00601
Exploits: 0 · References: 3
CNNVD
added 2024/10/24 12:0 a.m. · 3 views

Code-Projects Hospital Management System SQL injection vulnerability

Hospital Management System is a hospital management system. Hospital Management System has a SQL injection vulnerability that originates from the parameter docname in the file /admin/add-doctor.php. No details of the vulnerability are available at this time...

CVSS 9.8 · AI score 5.8 · EPSS 0.00545
Exploits: 1 · References: 5
BDU FSTEC
added 2024/10/23 12:0 a.m. · 4 views

The vulnerability of the Vinteo video conference software server lies in the lack of protective measures for SQL query structures, allowing attackers to enhance their privileges and execute arbitrary code.

The vulnerability of the Vinteo video conference software server relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code using a specially crafted SQL query...

CVSS 10 · AI score 6.1
Exploits: 0 · Affected Software: 1
CNNVD
added 2024/10/23 12:0 a.m. · 2 views

EsafeNet CDG SQL injection vulnerability

EsafeNet CDG is a document security management system from EsafeNet. EsafeNet CDG 5 suffers from a SQL injection vulnerability: the userId parameter of the /com/esafenet/servlet/user/ReUserOrganiseService.java page contains a SQL injection vulnerability...

CVSS 9.8 · AI score 7.9 · EPSS 0.00569
Exploits: 1 · References: 4
CNNVD
added 2024/10/23 12:0 a.m. · 3 views

Cisco Secure Firewall Management Center security vulnerability

Cisco Secure Firewall Management Center is a powerful network security management tool from Cisco USA. A security vulnerability exists in Cisco Secure Firewall Management Center that originates from the web management interface not adequately validating user input. An attacker could exploit this...

CVSS 6.5 · AI score 7.6 · EPSS 0.00436
Exploits: 0 · References: 1
OSV
added 2024/10/22 10:15 p.m. · 4 views

CVE-2024-48657

SQL Injection vulnerability in hospital management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code...

CVSS 7.2 · AI score 6.1 · EPSS 0.00859
Exploits: 1 · References: 1
OSV
added 2024/10/21 9:15 p.m. · 3 views

CVE-2024-30157

A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to...

CVSS 7.2 · AI score 6 · EPSS 0.00403
Exploits: 0 · References: 1
OSV
added 2024/10/21 9:15 p.m. · 5 views

CVE-2024-30158

A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute...

CVSS 7.2 · AI score 6 · EPSS 0.00403
Exploits: 0 · References: 1
OSV
added 2024/10/21 8:15 p.m. · 1 view

CVE-2024-47223

A vulnerability in the AWV Audio, Web and Video Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access...

CVSS 9.4 · AI score 7.7 · EPSS 0.00458
Exploits: 0 · References: 1
Patchstack
added 2024/10/21 9:21 a.m. · 5 views

WordPress WP Sessions Time Monitoring Full Automatic plugin <= 1.0.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by stealthcopter (Patchstack Alliance) in WordPress Plugin WP Sessions Time Monitoring Full Automatic versions <= 1.0.9...

CVSS 9.3 · AI score 8.1 · EPSS 0.0106
Exploits: 1 · Affected Software: 1
BDU FSTEC
added 2024/10/21 12:0 a.m. · 3 views

The vulnerability of the Navidrome media server, related to the lack of protective measures for the SQL query structure, allows attackers to execute arbitrary code and disclose the protected information.

The vulnerability of the Navidrome media server relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and disclose sensitive information by sending specially crafted SQL queries...

CVSS 9.9 · AI score 5.8 · EPSS 0.04486
Exploits: 2 · References: 6 · Affected Software: 1
CNNVD
added 2024/10/21 12:0 a.m. · 2 views

Mitel MiCollab SQL injection vulnerability

Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. Mitel MiCollab suffers from an SQL injection vulnerability that can be exploited by attackers to access sensitive information and perform...

CVSS 9.8 · AI score 7.7 · EPSS 0.65559
Exploits: 0 · References: 2
CNNVD
added 2024/10/21 12:0 a.m. · 2 views

Mitel MiCollab SQL injection vulnerability

Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. A SQL injection vulnerability exists in Mitel MiCollab version 9.7.1.110 and earlier, which stems from insufficient validation of user input in...

CVSS 7.2 · AI score 7.9 · EPSS 0.00403
Exploits: 0 · References: 2
CNNVD
added 2024/10/21 12:0 a.m. · 3 views

Mitel MiCollab SQL injection vulnerability

Mitel MiCollab is an enterprise-grade audio, web and video conferencing solution that provides efficient collaboration and communication capabilities. An SQL injection vulnerability exists in Mitel MiCollab, which can be exploited by an attacker to access non-sensitive user configuration...

CVSS 9.4 · AI score 8.1 · EPSS 0.00458
Exploits: 0 · References: 2
CNNVD
added 2024/10/21 12:0 a.m. · 2 views

Learning with Texts SQL injection vulnerability

Learning with Texts LWT is a software application by the individual developer Jon Gauthier. It allows users to import text, read, save, view and test words and expressions in multiple languages. A security vulnerability exists in Learning with Texts LWT version 2.0.3, which stems from...

CVSS 9.8 · AI score 8.2 · EPSS 0.00523
Exploits: 0 · References: 2
CNNVD
added 2024/10/21 12:0 a.m. · 2 views

Mitel MiCollab security vulnerability

Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. A SQL injection vulnerability exists in Mitel MiCollab version 9.7.1.110 and earlier, which stems from insufficient validation of user input in...

CVSS 7.2 · AI score 7.9 · EPSS 0.00403
Exploits: 0 · References: 2
OSV
added 2024/10/20 10:15 a.m. · 6 views

CVE-2024-49613

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lodel Geraldo Simple Code Insert Shortcode allows SQL Injection. This issue affects Simple Code Insert Shortcode: from n/a through 1.0...

CVSS 8.8 · AI score 5.8 · EPSS 0.00432
Exploits: 0 · References: 1
OSV
added 2024/10/20 1:15 a.m. · 5 views

CVE-2024-10162

A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-subadmin.php of the component Edit Subdomain Details Page. The manipulation of the argument sadminusername/fullname/emailid/mobilenumber...

CVSS 7.2 · AI score 5.7 · EPSS 0.00513
Exploits: 1 · References: 5
Positive Technologies
added 2024/10/20 12:0 a.m. · 5 views

PT-2024-33575 · Unknown · Ferma.Ru.Net

Name of the Vulnerable Software and Affected Versions: FERMA.Ru.Net versions 1.3.3 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command. This allows an...

CVSS 8.8 · AI score 8.1 · EPSS 0.00432
Exploits: 0 · References: 9