5734 matches found

CNNVD
added 2023/12/28 12:0 a.m. · 4 views

Client Details System SQL Injection Vulnerability

Client Details System is a management platform. A SQL injection vulnerability exists in Client Details System. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...

CVSS 8.8 · AI score 7.7 · EPSS 0.17026
Exploits 4 · References 4

Positive Technologies
added 2023/12/28 12:0 a.m. · 4 views

PT-2023-30168

Name of the Vulnerable Software and Affected Versions: Talent Software ECOP versions prior to 32255. Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection', which allows Command Line Execution through SQL Injection...

CVSS 9.8 · AI score 7.5 · EPSS 0.00646
Exploits 0 · References 9

ATTACKERKB
added 2023/12/25 6:15 a.m. · 2 views

CVE-2022-39822

In NOKIA NFM-T R19.9, a SQL Injection vulnerability occurs in /cgi-bin/R19.9/easy1350.pl of the VM Manager WebUI via the id or host HTTP GET parameter. An authenticated attacker is required for exploitation...

CVSS 8.8 · AI score 5.9 · EPSS 0.00618
Exploits 1 · References 2

Positive Technologies
added 2023/12/25 12:0 a.m. · 8 views

PT-2023-32877 · Unknown · Code-Projects E-Commerce Website

Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Website version 1.0. Description: A critical issue affects some unknown functionality of the file user signup.php. The manipulation of the firstname, middlename, email, address, contact, or username arguments leads to...

CVSS 9.8 · AI score 7.8 · EPSS 0.00924
Exploits 1 · References 6

CNVD
added 2023/12/25 12:0 a.m. · 2 views

Voltronic Power ViewPower SQL Injection Vulnerability (CNVD-2025-2160296)

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower Pro suffers from a SQL injection vulnerability that is caused by failing to properly validate a user-supplied string before constructing a SQL query using it. An attack...

CVSS 9.8 · AI score 8.3 · EPSS 0.48168
Exploits 0 · References 1

CNVD
added 2023/12/25 12:0 a.m. · 1 view

Voltronic Power ViewPower SQL Injection Vulnerability

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower Pro suffers from a SQL injection vulnerability that is caused by failing to properly validate a user-supplied string before constructing a SQL query using it. An attack...

CVSS 9.8 · AI score 9.8 · EPSS 0.01331
Exploits 0 · References 1

VulnCheck KEV
added 2023/12/23 12:0 a.m. · 2 views

VulnCheck KEV: CVE-2022-1950

The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection...

CVSS 9.8 · AI score 7.4 · EPSS 0.04109
Exploits 1 · References 1

OSV
added 2023/12/22 5:15 p.m. · 1 view

DEBIAN-CVE-2023-49085

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

CVSS 8.8 · AI score 9.2 · EPSS 0.84628
Exploits 4 · References 1

BDU FSTEC
added 2023/12/22 12:0 a.m. · 4 views

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory processes, related to the improper elimination of special elements used in SQL commands, allows a hacker to alter the database query logic by introducing arbitrary SQL operators.

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management functions is related to the improper elimination of special elements used in SQL queries. Exploiting this vulnerability allows a malicious actor to alter the query logic to the database, by...

CVSS 10 · AI score 8 · EPSS 0.67107
Exploits 0 · References 4 · Affected Software 1

OSV
added 2023/12/21 11:15 p.m. · 2 views

CVE-2023-49681

Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database...

CVSS 9.8 · AI score 5.8 · EPSS 0.00671
Exploits 1 · References 2

OSV
added 2023/12/21 5:15 p.m. · 4 views

CVE-2023-45121

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database...

CVSS 8.8 · AI score 5.8 · EPSS 0.00673
Exploits 1 · References 2

OSV
added 2023/12/21 4:15 p.m. · 3 views

CVE-2023-45115

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database...

CVSS 8.8 · AI score 5.8 · EPSS 0.00673
Exploits 1 · References 2

CNNVD
added 2023/12/21 12:0 a.m. · 4 views

S-CMS Security Vulnerabilities

S-CMS is a PHP- and MySQL-based content management system (CMS) from S-CMS China. S-CMS v5.0 contains a SQL injection vulnerability via the Anewsauth parameter in /admin/ajax.php...

CVSS 9.8 · AI score 8 · EPSS 0.00534
Exploits 0 · References 2

CNNVD
added 2023/12/21 12:0 a.m. · 2 views

Kashipara Job Portal SQL Injection Vulnerability

Kashipara Job Portal is an online job portal system from Kashipara. A SQL injection vulnerability exists in Kashipara Job Portal v1.0, which stems from the "txtUser" parameter of login.php that does not validate received characters and sends them to the database unfiltered...

CVSS 9.8 · AI score 8 · EPSS 0.00671
Exploits 1 · References 4

CNNVD
added 2023/12/21 12:0 a.m. · 3 views

Tongda2000 SQL Injection Vulnerability

Tongda2000 is a networked intelligent office system from China Tongda Tongda. A SQL injection vulnerability exists in Tongda2000 11.9 and earlier versions. The vulnerability stems from an unknown function in general/vehicle/checkup/deletesearch.php, where the VUID parameter leads to SQL...

CVSS 9.8 · AI score 7.9 · EPSS 0.00695
Exploits 1 · References 4

CNNVD
added 2023/12/21 12:0 a.m. · 4 views

Projectworlds Student Result Management System SQL Injection Vulnerability

Projectworlds Student Result Management System is a student result management system from Projectworlds India. Projectworlds Student Result Management System v1.0 suffers from a SQL injection vulnerability, which stems from the fact that the "classname" parameter of addstudents.php does not...

CVSS 9.8 · AI score 7.9 · EPSS 0.00671
Exploits 1 · References 3

OSV
added 2023/12/20 6:15 p.m. · 3 views

CVE-2023-28491

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery LITE. This issue affects Slideshow Gallery LITE: from n/a through 1.7.6...

CVSS 7.2 · AI score 7.3 · EPSS 0.00762
Exploits 0 · References 1

Prion
added 2023/12/20 4:15 p.m. · 23 views

SQL injection

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo. This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0...

CVSS 7.5 · AI score 7.9 · EPSS 0.00673
Exploits 0 · References 1 · Affected Software 1

OSV
added 2023/12/20 2:15 p.m. · 2 views

CVE-2023-47236

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum iPages Flipbook For WordPress. This issue affects iPages Flipbook For WordPress: from n/a through 1.4.8...

CVSS 4.9 · AI score 5.8 · EPSS 0.0054
Exploits 0 · References 1

CNNVD
added 2023/12/20 12:0 a.m. · 3 views

WordPress Plugin iPages Flipbook For WordPress SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Plugin iPages Flipbook For WordPress is vulnerable to a SQL injection vulnerability. No information...

CVSS 7.6 · AI score 7.5 · EPSS 0.0054
Exploits 0 · References 3