Lucene search

6602 matches found

Patchstack
added 2024/10/31 11:23 a.m. · 3 views

WordPress Easy Gallery plugin <= 1.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Easy Gallery versions <= 1.4...

8.5 CVSS · 8.1 AI score · 0.00324 EPSS
Exploits 0 · Affected Software 1

OSV
added 2024/10/31 2:15 a.m. · 3 views

CVE-2024-10561

A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file birdsupdate.php. The manipulation of the argument id leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been...

9.8 CVSS · 5.8 AI score · 0.00145 EPSS
Exploits 1 · References 4

Positive Technologies
added 2024/10/31 12:0 a.m. · 2 views

PT-2024-16413 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA versions up to 11.10
Description: A critical vulnerability was found in Tongda OA, affecting the file /pda/workflow/check seal.php. The manipulation of the ID argument leads to SQL injection. The attack can be initiated remotely...

9.8 CVSS · 7.1 AI score · 0.00097 EPSS
Exploits 1 · References 10

CNNVD
added 2024/10/31 12:0 a.m. · 3 views

EsafeNet CDG SQL injection vulnerability

EsafeNet CDG is a document security management system from EsafeNet China. A SQL injection vulnerability exists in ESAFENET CDG. An attacker can exploit this vulnerability to perform SQL injection attacks...

9.8 CVSS · 7 AI score · 0.00096 EPSS
Exploits 1 · References 4

CNNVD
added 2024/10/31 12:0 a.m. · 1 view

Codezips Pet Shop Management System SQL injection vulnerability

Codezips Pet Shop Management System is an open source pet store management system from Codezips. A SQL injection vulnerability exists in Codezips Pet Shop Management System version 1.0, which originates from an SQL injection in the parameter id...

9.8 CVSS · 7.9 AI score · 0.00136 EPSS
Exploits 1 · References 4

BDU FSTEC
added 2024/10/31 12:0 a.m. · 1 view

The vulnerability in the web interface of the Cisco Secure Firewall Management Center (formerly known as Cisco Firepower Management Center) relates to the lack of protective measures for the SQL query structure, allowing an attacker to execute arbitrary code.

The vulnerability in the web interface of the Cisco Secure Firewall Management Center (formerly known as Cisco Firepower Management Center) relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remote...

8.5 CVSS · 6.1 AI score · 0.00333 EPSS
Exploits 0 · References 2 · Affected Software 1

CNNVD
added 2024/10/31 12:0 a.m. · 3 views

PHPGurukul Teachers Record Management System security vulnerability

Teachers Record Management System is a teacher record management system. Teachers Record Management System is vulnerable to SQL injection in the add-teacher.php file via a cell phone number or email parameter. No detail...

9.1 CVSS · 7.9 AI score · 0.00128 EPSS
Exploits 1 · References 2

CNNVD
added 2024/10/30 12:0 a.m. · 2 views

SAS Studio security vulnerability

SAS Studio is a Web browser-based programming environment from SAS. A security vulnerability exists in SAS Studio version 9.4. A remote attacker can exploit the vulnerability to execute arbitrary SQL commands via a POST body request...

8.8 CVSS · 8.1 AI score · 0.16061 EPSS
Exploits 0 · References 2

Snyk
added 2024/10/29 3:32 p.m. · 2 views

SQL Injection

Overview: Affected versions of this package are vulnerable to SQL Injection through the GraphCypherQAChain class. An attacker can manipulate, delete, or create data, disrupt services, and compromise database integrity by injecting malicious SQL commands into prompts. Note: This vulnerability impac...

9.8 CVSS · 8 AI score · 0.02002 EPSS
Exploits 2 · References 2

CNNVD
added 2024/10/29 12:0 a.m. · 2 views

LangChain.js SQL injection vulnerability

LangChain.js is a framework for building context-aware reasoning applications, open-sourced by LangChain. An SQL injection vulnerability exists in LangChain.js version 0.2.5 and earlier. It stems from allowing on-the-fly injection, which leads to SQL injection and allows an attacker to create, update, or dele...

9.8 CVSS · 5.8 AI score · 0.00062 EPSS
Exploits 1 · References 2

BDU FSTEC
added 2024/10/29 12:0 a.m. · 1 view

The vulnerability of the listExtensions method implementation in the VMware Hybrid Cloud Extension (HCX) migration software allows an attacker to execute arbitrary code.

The vulnerability of the listExtensions method implementation in the VMware Hybrid Cloud Extension (HCX) migration software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created SQ...

9 CVSS · 8.2 AI score · 0.25043 EPSS
Exploits 0 · References 5 · Affected Software 1

BDU FSTEC
added 2024/10/29 12:0 a.m. · 1 view

The vulnerability of the software for managing and monitoring HikCentral Professional video surveillance and security systems lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary SQL code.

The vulnerability of the software for managing and monitoring HikCentral Professional video surveillance and security systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL code...

9 CVSS · 6 AI score · 0.00612 EPSS
Exploits 0 · References 2 · Affected Software 1

OSV
added 2024/10/28 1:15 p.m. · 2 views

CVE-2024-50491

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Micah Blu RSVP ME allows SQL Injection. This issue affects RSVP ME: from n/a through 1.9.9...

9.8 CVSS · 5.8 AI score · 0.37738 EPSS
Exploits 1 · References 1

CNNVD
added 2024/10/28 12:0 a.m. · 1 view

Codezips Hospital Appointment System SQL injection vulnerability

Codezips Hospital Appointment System is an open source hospital appointment system from Codezips. Codezips Hospital Appointment System version 1.0 has a SQL injection vulnerability that originates from the parameter Username in the file /loginAction.php and can lead to SQL injection...

9.8 CVSS · 7.8 AI score · 0.04438 EPSS
Exploits 1 · References 4

CNNVD
added 2024/10/28 12:0 a.m. · 2 views

Genians Genian NAC security vulnerability

Genians Genian NAC is a network security and access control software from Genians Korea. It helps organizations identify IP-enabled devices, manage vulnerabilities and check device configurations to protect network access environments. A security vulnerability exists in Genians Genian NAC, which...

2.2 CVSS · 7.9 AI score · 0.00095 EPSS
Exploits 0 · References 1

CNNVD
added 2024/10/28 12:0 a.m. · 2 views

LyLme Spage security vulnerability

LyLme Spage (Six Zero navigation page) is an open source navigation page from Six Zero LyLme, China. It is dedicated to a simple and efficient advertising-free Internet navigation and search portal, with support for background links, custom search engine, precipitation of the most valuable links, no commercial...

9.8 CVSS · 7.8 AI score · 0.00291 EPSS
Exploits 1 · References 1

CNNVD
added 2024/10/28 12:0 a.m. · 1 view

MRCMS security vulnerability

MRCMS is a content management system by the individual developer of marker. A security vulnerability exists in MRCMS version 3.1.2, which originates from a SQL injection vulnerability in the RID parameter in /admin/article/delete.do...

8.8 CVSS · 7.8 AI score · 0.00275 EPSS
Exploits 1 · References 1

CNNVD
added 2024/10/28 12:0 a.m. · 1 view

Sourceforge MRBS security vulnerability

Sourceforge MRBS is a Sourceforge open source online meeting room management system. A security vulnerability exists in Sourceforge MRBS version 1.5.0, which originates from a SQL injection vulnerability in the editentryhandler.php file...

9.8 CVSS · 7.9 AI score · 0.00132 EPSS
Exploits 0 · References 2

CNNVD
added 2024/10/28 12:0 a.m. · 1 view

Online Time Table Generator SQL injection vulnerability

Online Time Table Generator is an online time table generator by individual developer Yugesh Verma. A SQL injection vulnerability exists in Online Time Table Generator version 1.0, which stems from the parameter c in the file /timetable/admin/admindashboard.php?info=addcourse that can lead to SQL...

7.2 CVSS · 7 AI score · 0.00104 EPSS
Exploits 1 · References 4

CNNVD
added 2024/10/27 12:0 a.m. · 4 views

Code-Projects Blood Bank Management System SQL injection vulnerability

Code-Projects Blood Bank Management System is a Code-Projects open source blood bank management system. A SQL injection vulnerability exists in Code-Projects Blood Bank Management System version 1.0, which originates from an SQL injection vulnerability in the search parameter of the /abs.php file...

8.8 CVSS · 7 AI score · 0.00106 EPSS
Exploits 1 · References 5