5725 matches found
HashiCorp Vault SQL injection vulnerability
HashiCorp Vault is a private key access management tool from HashiCorp Inc. in the United States. A SQL injection vulnerability exists in HashiCorp Vault versions 0.8.0 through 1.13.1, which stems from the fact that when configuring the MSSQL plugin locally, certain parameters are not cleaned up...
Ivanti Avalanche SQL injection vulnerability
Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. Ivanti Avalanche version 6.3.2.3490 suffers from a SQL injection vulnerability that stems from a crafted request in...
Centreon SQL injection vulnerability
Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon. The product provides monitoring capabilities for resources such as networks, systems, and applications. A SQL injection vulnerability exists in Centreon, which arises from failure to...
Centreon SQL injection vulnerability
Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon. The product provides monitoring capabilities for resources such as networks, systems, and applications. A SQL injection vulnerability exists in Centreon, which arises from failure to...
Cerebrate SQL injection vulnerability
Cerebrate is an open source platform designed to act as an interconnect coordinator for trusted contact information providers and other security tools. A security vulnerability exists in Cerebrate version 1.13 that stems from the presence of SQL blind comments in the searchAll API endpoint...
CVE-2023-1592
A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file admin/courses/viewclass.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The...
novel-plus SQL injection vulnerability
novel-plus is a multi-end PC, WAP reading, functional original literature CMS system. A security vulnerability exists in novel-plus version 3.6.2, which stems from a problem in the file /common/sysFile/list, where the operation of the parameter sort can lead to SQL injection...
PT-2023-21385 · Ibm · Ibm Aspera Faspex
Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex version 4.4.2 Description: The issue allows a remote attacker to obtain sensitive credential information for an external user using a specially crafted SQL query. Recommendations: For IBM Aspera Faspex version 4.4.2, update ...
CVE-2023-1152
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Utarit Information Technologies Persolus allows SQL Injection. This issue affects Persolus: before 2.03.93...
SourceCodester Automatic Question Paper Generator System SQL injection vulnerability
Automatic Question Paper Generator System is an automatic question paper generator system by Carlo Montero, an individual developer. A SQL injection vulnerability exists in SourceCodester Automatic Question Paper Generator System version 1.0, which originates from a SQL injection vulnerability found in...
Online Pizza Ordering System SQL injection vulnerability
Online Pizza Ordering System is an online pizza ordering system by Carlo Montero, an individual developer. A SQL injection vulnerability exists in Online Pizza Ordering System version 1.0, which originates from a security issue in the component login page admin/ajax.php?action=login2, which leads...
Simple Art Gallery SQL injection vulnerability
Simple Art Gallery is an art gallery application from Simple Art Gallery, Inc. A SQL injection vulnerability exists in Simple Art Gallery version 1.0, which stems from a problem in the file adminHome.php, where manipulation of the parameter socialfacebook can lead to sql injection...
Art Gallery Management System SQL injection vulnerability
Art Gallery Management System is an art gallery management system by Anuj Kumar, an individual developer. A security vulnerability exists in Art Gallery Management System v1.0, which stems from a SQL injection vulnerability via the viewid parameter...
Computer Parts Sales and Inventory System SQL injection vulnerability
Computer Parts Sales and Inventory System is a computer parts sales and inventory system by Warren Daloyan, an individual developer. SourceCodester Computer Parts Sales and Inventory System version 1.0 suffers from a SQL injection vulnerability that originates from a security issue in the file...
Online Graduate Tracer System SQL injection vulnerability
Online Graduate Tracer System is an online graduate tracer system by the individual developer Carlo Montero. A SQL injection vulnerability exists in SourceCodester Online Graduate Tracer System version 1.0, which stems from an incorrect manipulation of the parameter user resulting in sql injectio...
Best POS Management System SQL injection vulnerability
Best POS Management System is a POS management system by Mayuri K., an individual developer. A security vulnerability exists in Best POS Management System version 1.0, which originates from a SQL injection vulnerability via the id parameter in /kruxton/manageuser.php...
PT-2023-19779 · Funadmin · Funadmin
Name of the Vulnerable Software and Affected Versions: Funadmin version 3.2.0 Description: The issue is a SQL injection vulnerability that can be exploited via the id parameter at the "/databases/database/edit" API endpoint. This allows for potential unauthorized access and manipulation of databa...
The vulnerability of the centralized control system for network devices and ports of Advantech iView arises from the lack of protective measures for the SQL query structure, allowing attackers to disclose protected information.
The vulnerability of the centralized control system for network devices and ports of Advantech iView relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...
ByWater Solutions bywater-koha-xslt SQL injection vulnerability
ByWater Solutions bywater-koha-xslt is ByWater Solutions' Koha repository for XSLT customization for ByWater partners. ByWater Solutions bywater-koha-xslt suffers from a SQL injection vulnerability that stems from manipulation of the parameter name that can lead to sql injection...
PT-2023-10270 · Bywater Solutions · Bywater-Koha-Xslt
Name of the Vulnerable Software and Affected Versions: ByWater Solutions bywater-koha-xslt affected versions not specified Description: A critical vulnerability has been found in ByWater Solutions bywater-koha-xslt, affecting the StringSearch function of the file admin/systempreferences.pl. The...