5725 matches found
The vulnerability of the software for managing and publishing geodata on the OSGeo GeoServer server lies in the lack of measures to neutralize special elements used in SQL queries, allowing a perpetrator to execute arbitrary SQL code.
The vulnerability of the software for managing and publishing geodata on the OSGeo GeoServer server is related to the lack of measures taken to neutralize special elements used in SQL queries. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code by sending a...
PT-2023-9513 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue in the sqlo preds contradiction component of openlink virtuoso-opensource is related to the improper neutralization of special elements used in SQL commands. This can be...
PT-2023-2437 · Microsoft · Windows +1
Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server affected versions not specified Description: The issue exists due to insufficient input validation in the OLE DB driver for SQL Server in the Windows operating system. This allows a remote attacke...
Online Computer and Laptop Store SQL injection vulnerability
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection, which originates in the file /classes/Master.php?f=savesubcategory with the parameter subcategory...
Tailor Management System SQL injection vulnerability
Tailor Management System is a tailor store management system by Warren Daloyan, an individual developer. A security vulnerability exists in Tailor Management System version v.1, which originates from a SQL injection vulnerability that can be exploited by an authenticated, remote attacker to execu...
CVE-2023-25330
A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows remote attackers to execute arbitrary SQL commands via the tenant ID valuer. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses how to develop applications that avoi...
I-TECH TrainSmart SQL injection vulnerability
I-TECH TrainSmart is an open source web-based training data collection system from I-TECH. A security vulnerability exists in I-TECH TrainSmart version r1044 that stems from the presence of a SQL injection vulnerability...
Online Payroll System SQL injection vulnerability
Online Payroll System is a system for distributing payroll online. Online Payroll System is vulnerable to SQL injection, which can be exploited by attackers to submit special SQL requests to manipulate the database and obtain sensitive information...
SourceCodester Online Payroll System SQL injection vulnerability
Online Payroll System is a system for distributing payroll online. Online Payroll System is vulnerable to SQL injection, which can be exploited by attackers to submit special SQL requests to manipulate the database and obtain sensitive information...
Online Payroll System SQL injection vulnerability
Online Payroll System is a system for distributing payroll online. Online Payroll System is vulnerable to SQL injection, which can be exploited by attackers to submit special SQL requests to manipulate the database and obtain sensitive information...
Online Payroll System SQL injection vulnerability
Online Payroll System is a system for distributing payroll online. Online Payroll System is vulnerable to SQL injection, which can be exploited by attackers to submit special SQL requests that manipulate the database and can obtain sensitive information...
PublicCMS SQL injection vulnerability
PublicCMS is an open source content management system (CMS) written in Java by PublicCMS China. A security vulnerability exists in PublicCMS v.4.0. An attacker can exploit the vulnerability to execute arbitrary code via the sql parameter of SysSiteAdminControl...
SourceCodester Centralized Covid Vaccination Records System SQL injection vulnerability
Centralized Covid Vaccination Records System is a COVID-19 vaccination records system by Carlo Montero, an individual developer. SourceCodester Centralized Covid Vaccination Records System is vulnerable to SQL injection. No information about this vulnerability is available at this time,...
The vulnerability of HMI/SCADA CONPROSYS HMI lies in the lack of protective measures for SQL query structures, allowing attackers to gain unauthorized access to protected information.
The vulnerability of HMI/SCADA CONPROSYS HMI lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending specially crafted SQL queries to the databas...
Akbim Computer Panon SQL injection vulnerability
Akbim Computer Panon is an application from Akbim, Inc. An SQL injection vulnerability exists in Akbim Computer Panon versions prior to 1.0.2, which stems from improper neutralization of a special element used, resulting in SQL injection...
BluePage CMS SQL injection vulnerability
BluePage CMS is an open source content management system from BluePage. A security vulnerability exists in BluePage CMS version 3.9 and earlier versions; the vulnerability stems from SQL injection when processing insufficiently sanitized HTTP headers...
Red Gate SQL Monitor cross-site scripting vulnerability
Red Gate Software Redgate SQL Monitor is a database monitoring tool from Red Gate Software, UK. The product supports Microsoft SQL Server monitoring, alerting, analysis and more. A security vulnerability exists in Red Gate SQL Monitor version 12.1.31.893, which stems from a cross-site scripting X...
The vulnerability of the Apache Fineract digital financial services platform, related to the lack of protection for the SQL query structure, allows attackers to gain access to read, modify, or delete data.
The vulnerability of the Apache Fineract digital financial services platform relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to gain read, modify, or delete access to data...
Grade Point Average GPA Calculator SQL injection vulnerability
Grade Point Average GPA Calculator is an online and automated platform for calculating a student's grade point average or GPA built using the Bootstrap framework. A security vulnerability exists in SourceCodester Grade Point Average GPA Calculator version 1.0, which stems from a problem with the...
PT-2023-14807 · Xman · Xman
Name of the Vulnerable Software and Affected Versions: X-Man version 1.0 Description: The issue is related to a SQL injection vulnerability, which can cause data leakage. Recommendations: For X-Man version 1.0, consider applying a patch or fix to resolve the SQL injection vulnerability. As a...