5717 matches found
CVE-2022-35175
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hiddenid parameter at /blotter/blotter.php...
CVE-2022-35603
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt...
InventoryManagementSystem SQL injection vulnerability
InventoryManagementSystem is an inventory management system by Sajan Rajbhandari, an individual developer. It provides an easy way to track products, suppliers, customers, and purchasing and sales information. A SQL injection vulnerability exists in InventoryManagementSystem version 1.0, which...
Barangay Management System SQL injection vulnerability
Barangay Management System is a database driven system. A SQL injection vulnerability exists in Barangay Management System v1.0, which was discovered via the hiddenid parameter in /blotter/blotter.php...
InventoryManagementSystem SQL injection vulnerability
InventoryManagementSystem is an inventory management system by Sajan Rajbhandari, an individual developer. It provides an easy way to track products, suppliers, customers, and purchasing and sales information. An SQL injection vulnerability exists in InventoryManagementSystem version 1.0, which...
The vulnerability of the Rapid7 Nexpose vulnerability management system lies in the insufficient protection of the SQL query structure. This allows attackers to manipulate the “ANY” and “OR” operators in SearchCriteria, thereby allowing them to inject malicious SQL code.
The vulnerability of the Rapid7 Nexpose vulnerability management system is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to manipulate the “ANY” and “OR” operators in SearchCriteria and introduce malicious SQL code...
The vulnerability of the Photonic Plugin, related to the lack of protection for the SQL query structure, allows attackers to put the database into a sleep state.
The vulnerability of the Photonic Plugin is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to put the database into a sleep mode...
CVE-2022-36599
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists...
Guest Management System SQL injection vulnerability
Guest is an application product. Guest Management System is a web-based system designed to monitor the records of everyone who enters a school or college. An SQL injection vulnerability exists in SourceCodester Guest Management System. An attacker exploits the vulnerability to manipulate the...
IBM Sterling B2B Integrator SQL injection vulnerability
IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates important B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities. IBM Sterling B2B Integrator Standard Edition has a SQL...
Gas Agency Management System SQL injection vulnerability
Gas Agency Management System is gas agency management software by the individual developer Mayuri K. It is used to manage the daily operations of a gas agency. A SQL injection vulnerability exists in Gas Agency Management System. An attacker can exploit this vulnerability by manipulating the paramet...
Google Android SQL injection vulnerability
Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android 13, which stems from improper input validation SQL injection in MMSProvider that may read protected data, which may lead to local information...
Automated Beer Parlour Billing System SQL injection vulnerability
Automated Beer Parlour Billing System is an automated hotel beer billing system by the individual developer Senior Walter. A security vulnerability exists in Automated Beer Parlour Billing System. An attacker could exploit the vulnerability by manipulating the parameter username to cause an sql...
PT-2022-23056 · Unknown · Update By Case
Name of the Vulnerable Software and Affected Versions: update by case gem versions prior to 0.1.3 Description: The issue concerns a SQL injection vulnerability due to the use of custom, unsanitized SQL strings in the update by case gem. This vulnerability allows for potential SQL injection attack...
Loan Management System SQL injection vulnerability
Loan Management System is a loan management system by the individual developer razormist. Loan Management System suffers from a SQL injection vulnerability that stems from some unknown functionality in the file /index.php being affected, where manipulation of the parameter password can lead to sql...
Keysight Technologies Sensor Management Server SQL injection vulnerability
Keysight Technologies Sensor Management Server is a sensor management server from Keysight Technologies, USA. A security vulnerability exists in Keysight Technologies Sensor Management Server SMS that originates from the ability of an unauthenticated, remote attacker to effectively take control o...
mariadb: server crash at Field::set_default via specially crafted SQL statements
A flaw was found in MariaDB. The component, Field::set_default, allows attackers to cause a denial of service (DoS) via specially crafted SQL statements, affecting availability...
mariadb: server crash at my_decimal::operator=
A flaw was found in MariaDB. The component, my_decimal::operator=, allows attackers to cause a denial of service (DoS) via specially crafted SQL statements, affecting availability...
mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer
MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2022-2460 WPDating < 7.4.0 - Multiple Unauthenticated SQLi
The WPDating WordPress plugin before 7.4.0 does not properly escape user input before concatenating it to certain SQL queries, leading to multiple SQL injection vulnerabilities exploitable by unauthenticated users...