5717 matches found
SourceCodester Gym Management System SQL Injection Vulnerability
SourceCodester Gym Management System is a gym management system from SourceCodester, an American company. The system is developed in C and SQL Server and features customer and vendor management, product management, sales management, gym membership management, fitness assessment, system logging, databas...
Simple E-Learning System SQL Injection Vulnerability
Simple E-Learning System is a simple e-learning system by Carlo Montero, an individual developer. Simple E-Learning System is vulnerable to SQL injection, which stems from the lack of validation of external input in SQL statements for the parameter phoneNumber of the file /claireblake. An...
PT-2022-18148 · Sourcecodester · Sourcecodester Simple E-Learning System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple E-Learning System (affected versions not specified). Description: A critical issue was found in the SourceCodester Simple E-Learning System, affecting an unknown function of the file comment frame.php. The manipulation of t...
PT-2022-18020 · Sourcecodester · Sourcecodester Garage Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Garage Management System (affected versions not specified). Description: A critical issue affects the processing of the file removeUser.php, where the manipulation of the id argument leads to SQL injection. The attack can be...
Simple E-Learning System SQL Injection Vulnerability
Simple E-Learning System is a simple e-learning system by Carlo Montero, an individual developer. Simple E-Learning System is vulnerable to SQL injection, which stems from the lack of validation of external input in SQL statements for the postid parameter. An attacker could use this vulnerability to...
CVE-2022-2272
This vulnerability allows remote attackers to bypass authentication on affected installations of Sante PACS Server 3.0.4. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the login endpoint. When parsing the username element,...
CVE-2022-34871
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of poller resources. The issue results from the lack of proper validation of a...
Santesoft Sante PACS Server SQL Injection Vulnerability
Santesoft Sante PACS Server is a DICOM 3.0 compliant PACS server, Modality Worklist server, HTTP Web server for DICOM files, and CD/DVD burning and printing server from Santesoft Cyprus. Used to store, archive, manage, view and burn medical images. A SQL injection vulnerability exists in Santesof...
mariadb: server crash in component arg_comparator::compare_real_fixed
A flaw was found in MariaDB. The component, Arg_comparator::compare_real_fixed, allows attackers to cause a denial of service (DoS) via specially crafted SQL statements, affecting availability...
Online Tours And Travels Management System SQL Injection Vulnerability
Online Tours And Travels Management System is an online travel management system by Carlo Montero, an individual developer. A security vulnerability exists in Online Tours And Travels Management System v1.0, which can be exploited by an attacker to perform SQL injection using the pname parameter ...
Pharmacy Management System SQL Injection Vulnerability
Pharmacy Management System (MPMS) is a multilingual pharmacy management system by Mayuri K, an individual developer. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from the startDate parameter in getOrderReport.php lacking validation for extern...
The vulnerability of the editbrand.php implementation allows a hacker to execute arbitrary commands. This vulnerability exists in the Garage Management System optimization tool.
The vulnerability of the editbrand.php implementation, a tool for optimizing the garage management system process, relates to the lack of protective measures for the SQL query structure during the processing of the id parameter. Exploiting this vulnerability allows an attacker, operating remotely...
mariadb: assertion failure in sql/item_cmpfunc.cc
A flaw was found in the MariaDB Server. It contains a segmentation fault via the component, sql/item_cmpfunc.cc, affecting availability...
mariadb: server crash at my_decimal::operator=
A flaw was found in MariaDB. The component, my_decimal::operator=, allows attackers to cause a denial of service (DoS) via specially crafted SQL statements, affecting availability...
mariadb: server crash in create_tmp_table::finalize
A flaw was found in MariaDB. The component, Create_tmp_table::finalize, allows attackers to cause a denial of service (DoS) via specially crafted SQL statements, affecting availability...
Synology CardDAV Server SQL Injection Vulnerability
Synology CardDAV Server is a contact management package from Synology China. It allows you to synchronize and access the address book on Synology NAS. A SQL injection vulnerability exists in Synology CardDAV Server versions prior to 6.0.10-0153, which stems from improper elimination of special...
The vulnerability of the SonicWall Analytics On-Prem global network firewall management system’s analytical service allows attackers to execute arbitrary SQL commands in the application database by failing to protect the SQL query structure.
The vulnerability of the SonicWall Analytics On-Prem global network management system’s analytical service is related to the failure to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands in the application database remotely...
WordPress plugin WP Visitor Statistics SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
Communilink CLink Office SQL Injection Vulnerability
Communilink CLink Office is a control panel for unified management of email and anti-spam filters from Communilink, Hong Kong, China. A security vulnerability exists in CommuniLink CLink Office version v2.0. The vulnerability is exploited by attackers to conduct SQL injection attacks via the...
Garage Management System SQL Injection Vulnerability
SourceCodester Garage Management System Cms-Website is a garage management system by mayurik, an individual developer. It can help you manage all your vehicles, cars and motorcycles. A security vulnerability exists in Garage Management System 1.0 that stems from This issue affects some unknown processi...