Lucene search

850 matches found

SUSE CVE
added 2025/07/04 2:55 p.m. | 4 views

SUSE CVE-2024-4533

The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin users to perform SQL injection attacks...

CVSS 6.5 | AI score 7.9 | EPSS 0.00547
Exploits: 2 | References: 2

CNVD
added 2025/06/27 12:00 a.m. | 3 views

Online Shoe Store cart.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter qty in the file /cart.php. The vulnerability can be exploited to execute illegal SQL...

CVSS 9.8 | AI score 7.9 | EPSS 0.00394
Exploits: 1 | References: 1

CNNVD
added 2025/06/12 12:00 a.m. | 3 views

like-girl Security Vulnerability

like-girl is a couple logging tool by the individual developer of kiCode111 in China. A security vulnerability exists in like-girl version 5.2.0, which originates from SQL injection due to incorrect operation of parameter id/imgText/imgDatd/imgUrl in file /admin/ImgUpdaPost.php...

CVSS 7.2 | AI score 5.6 | EPSS 0.00347
Exploits: 1 | References: 7

CNNVD
added 2025/06/12 12:00 a.m. | 3 views

like-girl Security Vulnerability

like-girl is a couple logging tool by the individual developer of kiCode111 in China. A security vulnerability exists in like-girl version 5.2.0, which originates from SQL injection due to the incorrect operation of the parameter bz/ipdz in the file /admin/ipAddPost.php...

CVSS 7.2 | AI score 5.6 | EPSS 0.00343
Exploits: 1 | References: 5

OSV
added 2025/06/10 10:15 a.m. | 3 views

CVE-2025-40655

A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the name parameter in /antcatalogue.asp...

CVSS 9.8 | AI score 5.7 | EPSS 0.00312
Exploits: 0 | References: 1

OSV
added 2025/06/06 4:15 p.m. | 3 views

CVE-2025-5783

A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. This affects an unknown part of the file /editmyexp.php. The manipulation of the argument emp3workduration leads to sql injection. It is possible to initiate the attack remotely. The...

CVSS 5.3 | AI score 5.7 | EPSS 0.00286
Exploits: 1 | References: 5

CNNVD
added 2025/06/04 12:00 a.m. | 2 views

PHPGurukul Dairy Farm Shop Management System Security Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement for the parameter productname in the file...

CVSS 9.8 | AI score 8.1 | EPSS 0.00534
Exploits: 1 | References: 5

OSV
added 2025/05/27 3:15 a.m. | 2 views

CVE-2025-5224

A vulnerability classified as critical has been found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/add-doctor.php. The manipulation of the argument Doctorspecialization leads to sql injection. It is possible to launch the attack remotely...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 5

RedhatCVE
added 2025/05/23 9:21 a.m. | 4 views

CVE-2024-3465

A vulnerability was found in SourceCodester Laundry Management System 1.0. It has been classified as critical. Affected is the function laporanfilter of the file /application/controller/Transaki.php. The manipulation of the argument dari/sampai leads to sql injection. It is possible to launch the...

CVSS 9.8 | AI score 7.9 | EPSS 0.00756
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 9:11 a.m. | 4 views

CVE-2024-5678

Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature...

CVSS 4.7 | AI score 7.9 | EPSS 0.0255
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 9:10 a.m. | 3 views

CVE-2024-1100

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Vadi Corporate Information Systems DIGIKENT GIS allows SQL Injection. This issue affects DIGIKENT GIS: through 2.23.5...

CVSS 10 | AI score 5.8 | EPSS 0.0042
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 8:24 a.m. | 4 views

CVE-2024-48255

Cloudlog 2.6.15 allows Oqrs.php getstationinfo stationid SQL injection...

CVSS 9.8 | AI score 5.9 | EPSS 0.00428
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 5:41 a.m. | 3 views

CVE-2023-0303

A vulnerability was found in SourceCodester Online Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file viewprod.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has...

CVSS 7.5 | AI score 8 | EPSS 0.00597
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 5:39 a.m. | 4 views

CVE-2023-26525

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy. This issue affects Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own...

CVSS 8.1 | AI score 8.2 | EPSS 0.0057
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 3:13 a.m. | 4 views

CVE-2023-24777

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list...

CVSS 9.8 | AI score 8.4 | EPSS 0.00741
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 3:06 a.m. | 2 views

CVE-2023-2089

A vulnerability was found in SourceCodester Complaint Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/userprofile.php of the component GET Parameter Handler. The manipulation of the argument uid leads to sql injection. The attack...

CVSS 8.8 | AI score 8 | EPSS 0.00602
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 2:53 a.m. | 5 views

CVE-2023-0986

A vulnerability classified as critical has been found in SourceCodester Sales Tracker Management System 1.0. This affects an unknown part of the file admin/?page=user/manageuser of the component Edit User. The manipulation of the argument id leads to sql injection. It is possible to initiate the...

CVSS 9.8 | AI score 8.4 | EPSS 0.00541
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 2:32 a.m. | 2 views

CVE-2023-1459

A vulnerability was found in SourceCodester Canteen Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file changeUsername.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The...

CVSS 9.8 | AI score 8 | EPSS 0.00808
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 2:31 a.m. | 2 views

CVE-2023-1592

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file admin/courses/viewclass.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The...

CVSS 9.8 | AI score 8.6 | EPSS 0.00541
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 11:37 p.m. | 3 views

CVE-2022-40098

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/updateexpense.php...

CVSS 7.2 | AI score 7.7 | EPSS 0.00821
Exploits: 1 | References: 1