5724 matches found

OSV
added 2022/12/27 1:15 a.m. · 4 views

CVE-2022-46764

A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 fixed in 5.2.6.10025 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution...

9.8 CVSS · 7.8 AI score · 0.02067 EPSS
Exploits 0 · References 3

CNNVD
added 2022/12/26 12:0 a.m. · 3 views

WordPress Plugin Contest Gallery SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

6.5 CVSS · 6.6 AI score · 0.00911 EPSS
Exploits 2 · References 3

OSV
added 2022/12/25 8:15 p.m. · 2 views

CVE-2022-4737

A vulnerability was found in SourceCodester Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The...

9.8 CVSS · 5.8 AI score · 0.00605 EPSS
Exploits 0 · References 2

CNNVD
added 2022/12/25 12:0 a.m. · 4 views

Hedgehog SQL injection vulnerability

Hedgehog is an open source dns-stats visualization tool for DNS statistics. Hedgehog has a SQL injection vulnerability. The vulnerability stems from a problem in the function DSCIOManager::dscimportinputfromsource in the file src/DSCIOManager.cpp, which can lead to SQL injection...

8.8 CVSS · 6 AI score · 0.00603 EPSS
Exploits 0 · References 3

BDU FSTEC
added 2022/12/24 12:0 a.m. · 4 views

The vulnerability of Centreon’s software for monitoring IT infrastructure lies in the lack of protection for SQL query structures, allowing attackers to execute arbitrary SQL queries.

The vulnerability of Centreon’s IT infrastructure monitoring software relates to the lack of protective measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

10 CVSS · 6 AI score
Exploits 0 · References 1 · Affected Software 1

ATTACKERKB
added 2022/12/19 11:0 a.m. · 3 views

CVE-2022-4422

Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated SQL injection vulnerability. This has been fixed in version 3.0...

9.8 CVSS · 7.2 AI score · 0.0062 EPSS
Exploits 0 · References 3

CNNVD
added 2022/12/19 12:0 a.m. · 4 views

xinhu OA SQL injection vulnerability

xinhu (Xinhu) is a free, open source office OA system from the individual developer rain in the rock (rainrocka). xinhu OA v2.5.0 has a SQL injection vulnerability, which stems from the order parameter being controllable; by iconvsql it will bypass the function in the filter...

7.5 CVSS · 7.5 AI score · 0.00756 EPSS
Exploits 1 · References 3

CNNVD
added 2022/12/19 12:0 a.m. · 5 views

knex.js SQL injection vulnerability

knex.js is an open source SQL query generator. A security vulnerability exists in knex.js version 2.3.0 and earlier, which stems from the presence of a restricted SQL injection that can be exploited to ignore the WHERE clause of a SQL query...

7.5 CVSS · 7.8 AI score · 0.00847 EPSS
Exploits 1 · References 3

BDU FSTEC
added 2022/12/16 12:0 a.m. · 4 views

The vulnerability of the Microsoft Dynamics CRM resource planning software lies in the lack of measures taken to protect the SQL query structure, allowing attackers to execute arbitrary code.

The vulnerability of the Microsoft Dynamics CRM resource planning software relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created queries...

9 CVSS · 8.5 AI score · 0.02286 EPSS
Exploits 0 · References 2

OSV
added 2022/12/14 5:15 p.m. · 3 views

CVE-2022-46118

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=productperbrand&bid=...

7.2 CVSS · 5.8 AI score · 0.00726 EPSS
Exploits 1 · References 1

OSV
added 2022/12/14 5:15 p.m. · 3 views

CVE-2022-46121

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/manageproduct&id=...

7.2 CVSS · 5.8 AI score · 0.00726 EPSS
Exploits 1 · References 1

CNNVD
added 2022/12/14 12:0 a.m. · 4 views

Helmet Store Showroom Site SQL injection vulnerability

Helmet Store Showroom Site is a platform by Carlo Montero Personal Developer. It allows potential customers of Inquiries Stores to virtually display helmet products. A security vulnerability exists in Helmet Store Showroom Site v1.0, which stems from a SQL injection on the login page and can be...

9.8 CVSS · 8.4 AI score · 0.0431 EPSS
Exploits 1 · References 3

Positive Technologies
added 2022/12/13 12:0 a.m. · 4 views

PT-2022-27227 · Unknown · M0Ver Bible-Online

Name of the Vulnerable Software and Affected Versions: m0ver bible-online (affected versions not specified)
Description: A critical issue has been found in the Search Handler component, specifically in the query function of the src/main/java/custom/application/search.java file. This issue leads to...

9.8 CVSS · 9.5 AI score · 0.00496 EPSS
Exploits 0 · References 7

Snyk
added 2022/12/12 9:56 a.m. · 3 views

SQL Injection

Overview: Affected versions of this package are vulnerable to SQL Injection. When relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.
Remediation: Upgrade sqlite3 ...

8.3 CVSS · 7.7 AI score · 0.00457 EPSS
Exploits 1 · References 2

CNNVD
added 2022/12/12 12:0 a.m. · 5 views

WordPress plugin Dokan SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerability exist...

9.8 CVSS · 8.6 AI score · 0.01059 EPSS
Exploits 2 · References 2

BDU FSTEC
added 2022/12/07 12:0 a.m. · 6 views

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10 CVSS · 8.2 AI score · 0.01758 EPSS
Exploits 0 · References 3

OSV
added 2022/12/06 5:15 p.m. · 3 views

CVE-2022-33875

An improper neutralization of special elements used in an SQL Command 'SQL Injection' vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP...

8.8 CVSS · 6 AI score · 0.00732 EPSS
Exploits 0 · References 1

OSV
added 2022/12/02 5:15 p.m. · 2 views

CVE-2022-44347

Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=inquiries/viewinquiry&id=...

7.2 CVSS · 5.8 AI score · 0.00726 EPSS
Exploits 1 · References 1

CNNVD
added 2022/12/02 12:0 a.m. · 3 views

Rukovoditel SQL injection vulnerability

Rukovoditel is a set of Web-based open source project management software from the Rukovoditel team. The software features project management, customer relationship management, and more. Rukovoditel v3.2.1 has a security vulnerability; the vulnerability arises through the headingfield...

9.8 CVSS · 8.5 AI score · 0.00894 EPSS
Exploits 1 · References 3

Positive Technologies
added 2022/11/30 12:0 a.m. · 4 views

PT-2022-27467 · Unknown · Church Management System

Name of the Vulnerable Software and Affected Versions: Church Management System version 1.0
Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/admin/edit members.php" API endpoint.
Recommendations: For Church...

7.2 CVSS · 7.4 AI score · 0.00726 EPSS
Exploits 1 · References 4