5715 matches found
DHIS 2 SQL injection vulnerability
DHIS2 is an information system for data capture, management, validation, analysis, and visualization. DHIS2 is vulnerable to SQL injection, which can be exploited by attackers to read, edit, and delete data in the DHIS2 instance database...
The vulnerability of the OpenLDAP protocol lies in the lack of measures taken to protect the SQL query structure, allowing attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the OpenLDAP protocol lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information through a specially crafted query...
CVE-2022-30500
Jfinal cms 5.1.0 is vulnerable to SQL Injection...
CVE-2022-29688
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy...
CVE-2022-29662
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/news/save...
CSCMS Music Portal System SQL injection vulnerability
CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. A SQL injection vulnerability exists in CSCMS Music Portal System, which can be exploited by attackers to execute illegal SQL commands...
74cms SQL injection vulnerability
74cms is an online recruitment system based on PHP and MySQL by China Xunyi Technology Company. A SQL injection vulnerability exists in 74cmsSE v3.5.1, which originates from the lack of validation of the keyword parameter in /home/jobfairol/resumelist for externally entered SQL statements. An...
CSCMS Music Portal System SQL injection vulnerability
CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability that originates from the id parameter in /admin.php/user/leveldel that lacks validation of externally...
CVE-2022-28862
In Archibus Web Central before 26.2, multiple SQL Injection vulnerabilities occur in dwr/call/plaincall/workflow.runWorkflowRule.dwr. Through the injection of arbitrary SQL statements, a potential attacker can modify query syntax and perform unauthorized and unexpected operations against the remo...
Terraboard SQL injection vulnerability
Terraboard is a web panel for visualizing and querying Terraform status. A SQL injection vulnerability exists in versions prior to Terraboard 2.2.0, which can be exploited by attackers to conduct SQL injection attacks...
GHSA-V2VM-HQ26-5JV6 Mattermost Server is vulnerable to SQL Injection when executing multiple POST requests
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts...
WordPress plugin Nirweb support SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Nirweb support is vulnerable to SQL injection, a vulnerability that stems from...
CVE-2022-26632
Multi-Vendor Online Groceries Management System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /products/viewproduct.php...
School Dormitory Management System SQL injection vulnerability
School Dormitory Management System is a school dormitory management system. SQL injection vulnerability exists in School Dormitory Management System v1.0, which originates from /dms/admin/reports/dailycollection The report.php parameter lacks validation for external input SQL statements. An...
Simple Student Quarterly Result/Grade System SQL injection vulnerability
Simple Student Quarterly Result/Grade System is a student quarterly grade management system from the individual developer Carlo Montero. A security vulnerability exists in Simple Student Quarterly Result/Grade System version 1.0, which stems from an SQL injection vulnerability...
CVE-2022-1361
The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user’s accounts and devices...
Toll Tax Management System SQL injection vulnerability
Toll Tax Management System is a toll tax management system. A SQL injection vulnerability exists in Toll Tax Management System version 1.0, which stems from the id parameter being susceptible to SQL injection attacks. The vulnerability can be exploited by an attacker to obtain sensitive informati...
CVE-2022-1731
Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field. SSO or System authentication are required to be enabled for vulnerable conditions to exist...
HMS SQL injection vulnerability
HMS is a computer or web-based hospital management system. Version 1.0 of HMS is vulnerable to SQL injection, which stems from the presence of multiple parameters that can lead to SQL injection when requesting appointment.php using the POST method. An attacker could use this vulnerability to obta...
Hospital Management System SQL injection vulnerability
Hospital Management System HMS is a computer system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. Hospital Management System v1.0 is vulnerable to SQL injection, which can be exploited by attackers via the SQL injection via the deli...