5724 matches found
pyChao SQL injection vulnerability
pyChao is an application by Dr. Azrael Tod, a personal developer. It is mainly used for Facts and Newsfeeds and interacts with WebChao-Blog. A SQL injection vulnerability exists in pyChao. An attacker could exploit this vulnerability to perform a SQL injection attack...
Search Results SQL injection vulnerability
Search Results is an application by Forumhulp.com individual developers. It records the search terms searched by visitors. Search Results suffers from an SQL injection vulnerability that stems from a problem with the function listkeywords in the file event/listener.php, where manipulation of the...
PT-2023-10132 · Unknown · Ananich Bitstorm
Name of the Vulnerable Software and Affected Versions: ananich bitstorm affected versions not specified Description: A critical issue was found in ananich bitstorm, affecting an unknown functionality of the file announce.php. The manipulation of the event argument leads to SQL injection...
PT-2023-10128 · Unknown · Learnmesomecodes Project3
Name of the Vulnerable Software and Affected Versions: LearnMeSomeCodes project3 affected versions not specified Description: A critical issue was found in the LearnMeSomeCodes project3, affecting the search first name function of the file search.rb. This issue leads to SQL injection. The...
PT-2023-10119 · Unknown · Typcn Blogile
Name of the Vulnerable Software and Affected Versions: typcn Blogile affected versions not specified Description: A critical vulnerability was found in typcn Blogile, affecting the getNav function of the file server.js. The manipulation of the query argument leads to SQL injection. Recommendation...
Blogile SQL injection vulnerability
Blogile is a Node.js blogging system. Blogile suffers from a SQL injection vulnerability that stems from a misuse of the parameter query resulting in SQL injection...
cub-scout-tracker SQL injection vulnerability
cub-scout-tracker is a library. A SQL injection vulnerability exists in cub-scout-tracker. An attacker could exploit this vulnerability to perform a SQL injection attack...
ProLOD SQL injection vulnerability
ProLOD is an HPI-Information-Systems open source project. It contains algorithms for performing data analysis on Linked Data. ProLOD has a SQL injection vulnerability. Attackers exploit this vulnerability to perform SQL injection attacks...
Aruba Networks EdgeConnect Enterprise Orchestrator SQL injection vulnerability
Aruba Networks EdgeConnect Enterprise Orchestrator is a centralized SD-WAN management solution from Aruba Networks, Inc. It provides optimization, management, automation, and real-time visibility and monitoring features for enterprise users. A security vulnerability exists in Aruba Networks...
Aruba Networks ClearPass Policy Manager SQL injection vulnerability
Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager. An attacker could exploit this vulnerability to perform a SQL injection attac...
The vulnerability of the User Portal component of the SFOS operating system’s network interface layer, specifically the Sophos Firewall (previously called Sophos XG Firewall), allows an intruder to gain unauthorized access to protected information.
The vulnerability of the User Portal component of the SFOS operating system’s Sophos Firewall (formerly Sophos XG Firewall) is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access...
CVE-2022-4358
The WP RSS By Publishers WordPress plugin through 0.1 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2022-4351
The Qe SEO Handyman WordPress plugin through 1.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
WordPress plugin LetsRecover SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
WordPress plugin WP RSS By Publishers SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerability exist...
WordPress plugin Joy Of Text Lite SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...
The vulnerability of the SFOS operating system’s network interface, which is part of the Sophos Firewall (formerly known as Sophos XG Firewall), allows an intruder to gain unauthorized access to protected information.
The vulnerability of the SFOS operating system’s network interface, which is part of the Sophos Firewall (formerly known as Sophos XG Firewall), relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain...
Sage XRT Business Exchange SQL injection vulnerability
Sage XRT Business Exchange is part of the Sage suite of applications from Sage UK. A SQL injection vulnerability exists in Sage XRT Business Exchange version 12.4.302, which originates from a vulnerability that allows an authenticated attacker to inject malicious data into SQL queries: add...
PT-2023-13359 · Sage · Sage Xrt Business Exchange
Name of the Vulnerable Software and Affected Versions: Sage XRT Business Exchange version 12.4.302 Description: The issue allows an authenticated attacker to inject malicious data in SQL queries, specifically in the following areas: Add Currencies, Payment Order, and Transfer History...
Lead management system SQL injection vulnerability
Lead management system is a lead management system developed by Mayuri K. The Lead Management System version 1.0 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the login.php parameter username, and can be exploited by attackers to The...