PT-2022-24316 · Unknown · Interview Management System

Name of the Vulnerable Software and Affected Versions: Interview Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/interview/editQuestion.php" API endpoint. Recommendations: For...

PT-2022-23559 · Unknown · Ingredients Stock Management System

Name of the Vulnerable Software and Affected Versions: Ingredients Stock Management System version 1.0 Description: A SQL injection issue was found in the id parameter at the /classes/Master.php?f=delete category endpoint. Recommendations: For Ingredients Stock Management System version 1.0, avoi...

Interview Management System SQL注入漏洞

Interview Management System is an interview management system for janobe individual developers. A SQL injection vulnerability exists in version 1.0 of Interview Management System, which stems from some unknown handling code in /viewReport.php where entering a special string for the parameter id c...

CVE-2022-34950

Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editproduct.php...

CVE-2022-36161

Orange Station 1.0 was discovered to contain a SQL injection vulnerability via the username parameter...

CVE-2017-20134

A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of the argument sk leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2021-41487

NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName'...

Patient Records Management System SQL注入漏洞

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourcecodester Hospital Patient Records Management System is vulnerable to a SQL injection vulnerability that originate...

WordPress plugin Note Press SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Note Press plugin 0.1.10 and earlier versions are vulnerable to SQL injection, which stems...

Neetai Tech SQL注入漏洞

Neetai Tech is a web development, GST software and accounting software from Neetai India.Neetai Tech is vulnerable to SQL injection, which can be exploited by attackers to cause sql injection issues via manipulation of the /product.php file...

CVE-2022-32015

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=category&search=...

Badminton Center Management System SQL注入漏洞

Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. It provides an online and automated platform for badminton centers to manage their daily transactions and records.Badminton Center Management System version v1.0 is vulnerable to SQ...

CVE-2022-30387

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/classes/Master.php?f=payorder...

Merchandise Online Store SQL注入漏洞

Merchandise Online Store is a merchandise online store system. merchandise Online Store has a security vulnerability that can be exploited by attackers via /vloggersmerch/admin/orders/vieworder.php?view=user&id = SQL injection attack...

Hospital Management System SQL注入漏洞

Hospital Management System HMS is a computer system that helps manage health care-related information and helps health care providers do their jobs efficiently. v1.0 of Hospital Management System is vulnerable to SQL injection, which can be exploited by attackers via the patientsearch.php with th...

CVE-2022-28415

Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=deletecollection...

CVE-2022-28022

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deleteitem...

CVE-2022-28020

Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\positionedit.php...

SQL Injection

Overview blazer is an allows you to explore your data with SQL. Easily create charts and dashboards, and share them with your team. Affected versions of this package are vulnerable to SQL Injection by allowing specific variable values to modify the query rather than just the variable. This can...

CSZ CMS SQL注入漏洞

CSZ CMS is a PHP-based open source content management system CMS. CSZ CMS version 1.2.2 contains a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in cszcmsadminUsersviewUsers and can be exploited by attackers to execute illegal SQL...