CVE-2022-0592

The MapSVG WordPress plugin before 6.2.20 does not validate and escape a parameter via a REST endpoint before using it in a SQL statement, leading to a SQL Injection exploitable by unauthenticated users...

WordPress plugin Personal Dictionary SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in the WordPre...

WordPress plugin MapSVG SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...

Broadcom Brocade SANnav SQL注入漏洞

Broadcom Brocade SANnav is a suite of SAN management platforms from Broadcom USA. A security vulnerability exists in Brocade SANnav versions prior to 2.2.0, which can be exploited by an attacker to execute arbitrary SQL commands...

College Management System SQL注入漏洞

College Management System is a simple project. It is used to record students, instructors, subjects, schedules, and all things related to the university.College Management System v1.0 is vulnerable to a SQL injection vulnerability that stems from the coursecode parameter's lack of validation of...

DEBIAN-CVE-2022-29155

In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...

wdja SQL注入漏洞

Wdja is a Php-based content management system from the WDJA team. v2.1 of WDJA is vulnerable to SQL injection, which stems from the impact of a SQL injection vulnerability in the front-end search function. An attacker can exploit the vulnerability for SQL injection...

Enhancesoft osTicket SQL注入漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A security vulnerability exists in Enhancesoft osTicket that originates from an SQL injection during the login and password reset process. An attacker could exploit this vulnerability to gain acce...

OpenLDAP SQL注入漏洞

OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol LDAP from the Openldap Foundation in the United States. A security vulnerability exists in OpenLDAP version 2.x up to and including version 2.5.12, and version 2.6.x up to and including version 2.6.2, which ste...

Poultry Farm Management System SQL注入漏洞

Poultry Farm Management System is a full-featured poultry management system.A SQL injection vulnerability exists in Poultry Farm Management System version 1.0, which stems from an SQL injection vulnerability discovered through the Item parameter in /farm/store.php. No detailed vulnerability detai...

CVE-2022-28585

EmpireCMS 7.5 has a SQL injection vulnerability in AdClass.php...

Fortinet FortiNAC SQL注入漏洞

Fortinet FortiNAC is a network access control solution from Fortinet, Inc. Fortinet FortiNAC versions 8.3.7 through 9.2.2 are vulnerable to SQL injection, a vulnerability that originates when user-provided data is not sufficiently cleaned and can be exploited to send ad-hoc requests to affected...

CVE-2022-1376

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in DIAEprivgrpHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVE-2022-1371

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in ReadRegf. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVE-2022-1375

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in DIAEslogHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVE-2022-1366

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerChart.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

Red Planet Laundry Management System SQL注入漏洞

Red Planet Laundry Management System is an application management system. A security vulnerability exists in Red Planet Laundry Management System version 1.0 that stems from vulnerability to SQL injection attacks...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. Delta...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. Delta...

WordPress plugin Hermit SQL注入漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The WordPress Hermit plugin 3.1.6 and previous versions are vulnerable to SQL injection, which stems from the la...