OpenClinica SQL注入漏洞

OpenClinica is a commercial open source clinical trial software for electronic data capture EDC and clinical data management CDM. A security vulnerability exists in OpenClinica versions prior to 3.16.1 that stems from the use of string concatenation to create SQL queries...

CVE-2022-30396

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/admin/?page=inventory/manageinventory&id=...

CVE-2022-30392

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/classes/Master.php?f=deletesubcategory...

CVE-2022-30401

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/?p=viewproduct&id=...

CVE-2022-30400

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/admin/orders/vieworder.php?view=user&id=...

Merchandise Online Store SQL注入漏洞

Merchandise Online Store is a merchandise online store system. merchandise Online Store has a security vulnerability that can be exploited by attackers via /vloggersmerch/admin/?page=product/manageproduct&id= to conduct SQL injection attack...

Simple Social Networking Site SQL注入漏洞

Simple Social Networking Site is a social networking site. Simple Social Networking Site has a security vulnerability that can be exploited by attackers to conduct SQL injection attacks via /sns/admin/?page=posts/viewpost&id=...

Merchandise Online Store SQL注入漏洞

Merchandise Online Store is a merchandise online store system. merchandise Online Store has a security vulnerability that can be exploited by attackers to conduct SQL injection via /vloggersmerch/classes/Master.php?f=deletecart attack...

NETGEAR ProSafe SSL VPN firmware FVS336G SQL注入漏洞

The NETGEAR FVS336G is a VPN Virtual Private Network firewall router from NETGEAR. A security vulnerability exists in the NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 versions, which stems from a missing filter escape in USERDBDomains.Domainname in cgi-bin/platform.cgi, which can be...

Merchandise Online Store SQL注入漏洞

Merchandise Online Store is a merchandise online store system. A security vulnerability exists in Merchandise Online Store, which can be exploited by attackers via /vloggersmerch/classes/Master.php?f=deleteinventory to conduct SQL injection attack...

CVE-2022-22413

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022...

CVE-2022-29986

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=deletefacility...

IBM Robotic Process Automation SQL注入漏洞

IBM Robotic Process Automation is a robotic process automation product from IBM Corporation. It helps you automate more business and IT processes at scale with the ease and speed of traditional RPA. IBM Robotic Process Automation is vulnerable to a SQL injection vulnerability that could be...

Insurance Management System SQL注入漏洞

Insurance Management System is an insurance management system from the personal developer Angel Jude Reyes Suarez. Insurance Management System 1.0 is vulnerable to SQL injection, which could be exploited by attackers to obtain information about data in the target system...

Money Transfer Management System SQL注入漏洞

Money Transfer Management System is a remittance management system.Money Transfer Management System 1.0 is vulnerable to SQL injection, which can be exploited by attackers to obtain information about data in the target system...

CVE-2022-30451

An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1...

CVE-2022-30449

Hospital Management System in PHP with Source Code HMS 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php...

Photosynthetic Technology waimairenCMS SQL注入漏洞

Photosynthetic Technology waimairenCMS is a takeaway content management system from Photosynthetic Technology China. A security vulnerability exists in waimairenCMS versions prior to 9.1. An attacker can exploit the vulnerability to execute code...

CVE-2021-43010

In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. Attackers can bypass access to sensitive data...

WordPress plugin RSVPMaker SQL注入漏洞

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. RSVPMaker is an event scheduling and RSVP tracking plugin used in WordPress RSVPMaker plugin 9.2.5 and earlier versions are vulnerable to SQL injection, which stems from a lack of SQL escaping and...