Sourcecodester Simple College Website SQL注入漏洞

Sourcecodester Simple College Website is a content management system from Sourcecodester. Sourcecodester Simple College Website suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based applications, which can be exploit...

CVE-2021-27315

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter...

Hgiga MailSherlock SQL注入漏洞

Hgiga MailSherlock is a set of enterprise mail audit system from Henderson Hgiga, China. HGiga MailSherlock suffers from a SQL injection vulnerability, which stems from the lack of validation of externally entered SQL statements in database-based applications, and can be exploited by an attacker ...

Excellent Infotek Corporation EIC e-document system SQL注入漏洞

Excellent Infotek Corporation EIC e-document system is an application system of Excellent Infotek Corporation. EIC e-document system is an application system of Excellent Infotek Corporation, which provides precise, simple and standardized XML document forms to simplify the process of writing and...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a attacker to execute arbitrary SQL queries.

The vulnerability in the vManage web interface of the Cisco SD-WAN program-defined network is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVE-2021-27314

SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page...

Matthias Van Woensel qcubed SQL注入漏洞

Matthias Van Woensel qcubed is an application by Matthias Van Woensel. It provides a PHP model-view-controller framework for rapid application development. A SQL injection vulnerability exists in qcubed all versions including 3.1.1, which allows unauthenticated access to a database via injection ...

Sourcecodesterk Doctor Appointment System SQL注入漏洞

Sourcecodesterk Doctor Appointment System is a Sourcecodesterk open source application. It provides an appointment scheduling feature. Doctor Appointment System version 1.0 suffers from an SQL injection vulnerability that originates from a remote blind SQL injection vulnerability in the name and...

Sourcecodesterk Doctor Appointment System SQL注入漏洞

Doctor Appointment System is a PHP/MySQLi based doctor appointment system. A SQL blind injection vulnerability exists in contactus.php in Doctor Appointment System 1.0. An attacker can exploit this vulnerability to insert malicious SQL queries via the firstname parameter...

Sourcecodesterk Doctor Appointment System SQL注入漏洞

Doctor Appointment System is a PHP/MySQLi based doctor appointment system. A SQL blind injection vulnerability exists in contactus.php in Doctor Appointment System 1.0. The vulnerability can be exploited to insert malicious SQL queries via email parameters...

Cisco SD-WAN vManage 输入验证错误漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. An input validation error vulnerability exists in Cisco SD-WAN vManage, which is caused by improper validation of SQL query inputs on affect...

Nsf bmpanel2 SQL注入漏洞

Nsf bmpanel2 is Nsf an open source application . It provides a NETWM compatible panel for X11. A SQL injection vulnerability exists in bmpanel2, which is accessible without authentication and allows SQL injection...

TPScan

thinkphp rce sql tools...

CVE-2020-36003

The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases...

CVE-2021-22854

The HR Portal of Soar Cloud System fails to filter specific parameters. Remote attackers can inject SQL syntax and obtain all data in the database without privilege...

CVE-2021-22856

The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in Cookie and obtain data in the database without privilege...

CGE property management system SQL injection vulnerability

CGE property management system is an application software from CGE China. It provides a system for financial management. A SQL injection vulnerability exists in the CGE property management system, which arises from a lack of validation of externally-entered SQL statements in a database-based...

UBUNTU-CVE-2020-22425

Centreon 19.10-3.el7 is affected by a SQL injection vulnerability, where an authorized user is able to inject additional SQL queries to perform remote command execution...

Mutare Voice SQL Injection Vulnerability

A SQL injection vulnerability exists in Mutare Voice that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to execute illegal SQL commands...

Sourcecodester Pisay Online E-Learning System SQL注入漏洞

Sourcecodester Pisay Online E-Learning System is an online e-learning system based on PHP and MySQL. Sourcecodester Pisay Online E-Learning System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in a database-based...