TSG Tokheim Profleet DiaLOG Fuel Management System SQL注入漏洞

TSG Tokheim Profleet DiaLOG Fuel Management System is a fuel management system from TSG UK.A SQL injection vulnerability exists in TSG Tokheim Profleet DiaLOG Fuel Management System, which can be exploited by attackers to cause remote code execution as root user...

PT-2022-1665 · Microsoft · Sql Server

Name of the Vulnerable Software and Affected Versions: SQL Server for Linux Containers affected versions not specified Description: The issue is related to insecure privilege management in Microsoft SQL Server for Linux. Exploitation of this issue may allow an attacker to elevate their privileges...

Synology DiskStation Manager SQL注入漏洞

Synology DiskStation Manager DSM is an operating system used on network storage servers NAS by Synology Inc. of Taiwan, China. A SQL injection vulnerability exists in Synology DiskStation Manager, which stems from the failure of the product's Log Management function to handle special characters i...

The vulnerability of the app/admin/routing/edit-bgp-mapping-search.php web application for managing IP addresses in phpipam allows a attacker to execute arbitrary SQL queries.

The vulnerability of the app/admin/routing/edit-bgp-mapping-search.php web application for managing IP addresses in phpipam lies in the lack of measures taken to protect the SQL query structure when processing the “subnet” parameter. Exploiting this vulnerability allows a malicious actor to execu...

Emlog SQL注入漏洞

Emlog is a PHP and MySQL based CMS website builder by the individual developer of Emlog. Emlog has a SQL injection vulnerability, which originates from the discovery that Emlog v6.0 contains a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid...

The vulnerability of the GLPI system’s handling of requests and incidents, related to the failure to protect the SQL query structure, allows attackers to execute arbitrary SQL queries.

The vulnerability of the GLPI system’s handling of requests and incidents is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

Victor CMS SQL注入漏洞

Victor CMS is an open source content management system from the individual developers of Victor Alagwu in Nigeria.A security vulnerability exists in Victor CMS, which stems from the lack of validation of externally entered SQL statements in the database-based application. An attacker could exploi...

DEBIAN-CVE-2021-46667

MariaDB before 10.6.5 has a sqllex.cc integer overflow, leading to an application crash...

Elite Graphix Elite Cms SQL注入漏洞

Elite Graphix Elite Cms is a web content management written in Php language from Elite Graphix India. platform for storing and organizing information and documents. Elite Graphix Elite Cms suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL...

WordPress pluginSQL注入漏洞

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language.The WordPress Perfect Survey plugin has a SQL injection vulnerability in versions prior to 1.5.2, which stems from the lack of validation of externally entered SQL statements in database-based...

Victor CMS SQL注入漏洞

Victor CMS is an open source content management system from the individual developers of Victor Alagwu in Nigeria. victor CMS has a SQL injection vulnerability in v1.0, which stems from the lack of validation of externally entered SQL statements in database-based applications. An attacker could...

showdoc SQL注入漏洞

showdoc is open source a great tool for IT teams to share documents online. A SQL injection vulnerability exists in showdoc versions prior to 2.10.3, which stems from a lack of validation of the uid parameter of showdoc against externally entered SQL statements. An attacker can exploit this...

Online Payment Hub SQL注入漏洞

Online Payment Hub is an online payment hub for Carlo Montero personal developers. The Online Payment Hub is vulnerable to SQL injection due to a lack of filtering and escaping of SQL data in Login.php, which could be exploited to execute arbitrary SQL commands via the username parameter...

CVE-2021-46308

An SQL Injection vulnerability exists in Sourcecodester Online Railway Reservation Sysytem 1.0 via the sid parameter...

kabirkhyrul Hospital Managment System SQL注入漏洞

Hospital Managment System HMS is a computer or web-based system that helps manage the operations of a hospital or any medical facility.Hospital Managment System is vulnerable to a SQL injection vulnerability that stems from a database based application that lacks validation of externally entered...

MingSoft Mcms SQL注入漏洞

Mcms is a complete open source J2ee system from China MingFei MingSoft. mcms v5.2.4 version has a SQL injection vulnerability, which originates in /ms/mdiy/model/importJson.do for the lack of filtering and escaping of SQL data. No detailed vulnerability details are available at this time...

kabirkhyrul Hospital Managment System SQL注入漏洞

Hospital Managment System HMS is a computer or web-based system that helps manage the operations of a hospital or any medical facility.Hospital Managment System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands...

Sourcecodester Online Railway Reservation system SQL注入漏洞

SourceCodester Online Railway Reservation system is a web-based application that provides an online platform for rail or train station passengers or potential passengers to browse their schedules and reserve seats. sourceCodester Online Railway Reservation system is vulnerable to a SQL injection...

code-projects Pharmacy Management SQL注入漏洞

code-projects Pharmacy Management is a pharmacy management system. A SQL injection vulnerability exists in code-projects Pharmacy Management because the username parameter in the product administrator login form does not effectively filter special characters in the input data. The vulnerability c...

Mitsubishi Electric MC Works64 缓冲区错误漏洞

Mitsubishi Electric MC Works64 is a data acquisition and monitoring system SCADA from Mitsubishi Electric Japan. A security vulnerability exists in Mitsubishi Electric MC Works64 that stems from a coding error in the SQL query engine memory allocation code that makes it possible to execute a seri...