5734 matches found
QNAP Systems Video Station SQL Injection Vulnerability
QNAP Systems Video Station is a video management and playback application from QNAP Systems. The SQL injection vulnerability, which previously existed in QNAP Systems Video Station version 5.7.2 2023/11/23 , stems from the presence of a SQL injection vulnerability that could allow a user to injec...
Travel Website SQL Injection Vulnerability
Travel Website is a PHP-based travel website. A SQL injection vulnerability exists in Travel Website v1.0, which occurs when the username parameter of the signupAction.php page is processed without filtering before sending the data to the database for processing...
CVE-2023-6436
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ekol Informatics Website Template allows SQL Injection.This issue affects Website Template: through 20231215...
Ekol Informatics Website Template SQL Injection Vulnerability
Ekol Informatics Website Template is a website template from Ekol. A SQL injection vulnerability exists in Ekol Informatics Website Template 20231215 and earlier versions, which stems from incorrect neutralization and allows SQL injection attacks...
PT-2024-14954
Name of the Vulnerable Software and Affected Versions Ekol Informatics Website Template versions through 20231215 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
WordPress Plugin WP Adminify SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin WP Adminif...
PT-2023-31821 · Unknown · Webinarignition
Name of the Vulnerable Software and Affected Versions: Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition versions n/a through 3.05.0 Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command,...
PT-2023-31926 · Unknown · Whiletrue Most/Least Read Posts Widget
Name of the Vulnerable Software and Affected Versions: WhileTrue Most And Least Read Posts Widget versions 2.5.16 and earlier Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection'. This allows for potential...
Online College Library System SQL Injection Vulnerability
Online College Library System is an online college library system. A SQL injection vulnerability exists in Online College Library System version 1.0, which originates from a security issue in the /admin/bookrow.php page...
Tongda2000 SQL Injection Vulnerability
Tongda2000 is a network intelligent office system of China Tongda Tongda company. Tongda2000 11.9 and earlier versions exist SQL injection vulnerability, the vulnerability stems from the parameter PROJIDSTR in the file general/project/proj/delete.php can lead to SQL injection...
jeecg security breach
jeecg is a software application. An intelligent development platform based on a code generator. A security vulnerability exists in jeecg-boot 3.5.3 and earlier versions, which stems from a SQL injection vulnerability in the jmreport/qurestSql component...
CVE-2023-4675
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in GM Information Technologies MDO allows SQL Injection. This issue affects MDO: through 20231229. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
Customer Support System Security Breach
Customer Support System is a customer support system by oretnom23 Individual Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. A security vulnerability exists in Customer Support System version 1.0, which stems fr...
Ween Software Admin Panel SQL Injection Vulnerability
Ween Software Admin Panel is an admin panel application. Ween Software Admin Panel 20231229 and earlier versions are vulnerable to a SQL injection vulnerability that stems from the presence of a SQL injection vulnerability...
Online College Library System SQL Injection Vulnerability
Online College Library System is an online college library system. A SQL injection vulnerability exists in version 1.0 of the Online College Library System, which stems from a security issue in the index.php page...
Sven gopeak masterlab security breach
Sven gopeak masterlab is a Sven open source application. Provides simple and efficient , agile development based project management tools . Sven gopeak masterlab version 3.3.10 and earlier versions of a security vulnerability , the vulnerability stems from app/ctrl/framework/Feature.php sqlInject...
PT-2023-30897 · Unknown · Railway Reservation System
Name of the Vulnerable Software and Affected Versions: Railway Reservation System version 1.0 Description: The issue concerns an Unauthenticated SQL Injection vulnerability. Specifically, the to parameter of the "reservation.php" resource does not validate the characters received, and they are se...
CVE-2023-7127
A vulnerability classified as critical was found in code-projects Automated Voting System 1.0. This vulnerability affects unknown code of the component Login. The manipulation of the argument idno leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249130 is...
Talent Software ECOP SQL Injection Vulnerability
Talent Software ECOP is a content distribution platform from Talent Software. A SQL injection vulnerability exists in Talent Software ECOP versions prior to 32255 that stems from improper neutralization of special elements used in SQL commands, resulting in SQL injection...
PT-2023-32892 · Code Projects · Code-Projects Intern Membership Management System
Name of the Vulnerable Software and Affected Versions: code-projects Intern Membership Management System version 2.0 Description: A critical issue was found in the User Registration component, specifically in the /user registration/ file. The manipulation of the userName argument leads to SQL...