Lucene search

6602 matches found

CNNVD
added 2024/10/21 12:0 a.m. · 2 views

Mitel MiCollab SQL injection vulnerability

Mitel MiCollab is an enterprise-grade audio, web and video conferencing solution that provides efficient collaboration and communication capabilities. An SQL injection vulnerability exists in Mitel MiCollab, which can be exploited by an attacker to access non-sensitive user configuration...

9.4 CVSS · 8.1 AI score · 0.00821 EPSS
Exploits: 0 · References: 2
CNNVD
added 2024/10/21 12:0 a.m. · 1 views

Learning with Texts SQL injection vulnerability

Learning with Texts LWT is a software application by the individual developer Jon Gauthier. It allows users to import text, read, save, view and test words and expressions in multiple languages. A security vulnerability exists in Learning with Texts LWT version 2.0.3, which stems from...

9.8 CVSS · 8.2 AI score · 0.00224 EPSS
Exploits: 0 · References: 2
CNNVD
added 2024/10/21 12:0 a.m. · 1 views

Mitel MiCollab security vulnerability

Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. A SQL injection vulnerability exists in Mitel MiCollab version 9.7.1.110 and earlier, which stems from insufficient validation of user input in...

7.2 CVSS · 7.9 AI score · 0.00403 EPSS
Exploits: 0 · References: 2
CNNVD
added 2024/10/21 12:0 a.m. · 1 views

Mitel MiCollab SQL injection vulnerability

Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. Mitel MiCollab suffers from an SQL injection vulnerability that can be exploited by attackers to access sensitive information and perform...

9.8 CVSS · 7.7 AI score · 0.59959 EPSS
Exploits: 0 · References: 2
BDU FSTEC
added 2024/10/21 12:0 a.m. · 1 views

The vulnerability of the Navidrome media server, related to the lack of protective measures for the SQL query structure, allows attackers to execute arbitrary code and disclose the protected information.

The vulnerability of the Navidrome media server relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and disclose sensitive information by sending specially crafted SQL queries...

9.9 CVSS · 5.8 AI score · 0.85131 EPSS
Exploits: 2 · References: 6 · Affected Software: 1
CNNVD
added 2024/10/21 12:0 a.m. · 2 views

Mitel MiCollab SQL injection vulnerability

Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. A SQL injection vulnerability exists in Mitel MiCollab version 9.7.1.110 and earlier, which stems from insufficient validation of user input in...

7.2 CVSS · 7.9 AI score · 0.00416 EPSS
Exploits: 0 · References: 2
OSV
added 2024/10/20 10:15 a.m. · 4 views

CVE-2024-49613

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lodel Geraldo Simple Code Insert Shortcode allows SQL Injection. This issue affects Simple Code Insert Shortcode: from n/a through 1.0...

8.8 CVSS · 5.8 AI score · 0.0061 EPSS
Exploits: 0 · References: 1
OSV
added 2024/10/20 1:15 a.m. · 2 views

CVE-2024-10162

A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-subadmin.php of the component Edit Subdomain Details Page. The manipulation of the argument sadminusername/fullname/emailid/mobilenumber...

7.2 CVSS · 5.7 AI score · 0.00104 EPSS
Exploits: 1 · References: 5
Positive Technologies
added 2024/10/20 12:0 a.m. · 3 views

PT-2024-33575 · Unknown · Ferma.Ru.Net

Name of the Vulnerable Software and Affected Versions: FERMA.Ru.Net versions 1.3.3 and earlier
Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command. This allows an...

8.8 CVSS · 8.1 AI score · 0.00449 EPSS
Exploits: 0 · References: 9
CNNVD
added 2024/10/19 12:0 a.m. · 2 views

EsafeNet CDG SQL injection vulnerability

EsafeNet CDG is a document security management system from EsafeNet. EsafeNet CDG suffers from a SQL injection vulnerability, which stems from incorrect manipulation of the parameters id and frontId that can lead to SQL injection...

8.8 CVSS · 7.2 AI score · 0.00097 EPSS
Exploits: 1 · References: 5
Positive Technologies
added 2024/10/19 12:0 a.m. · 1 views

PT-2024-16080 · Unknown · Codezips Sales Management System

Name of the Vulnerable Software and Affected Versions: Codezips Sales Management System version 1.0
Description: A critical vulnerability has been found in the Codezips Sales Management System. This issue affects an unknown part of the file deletecustind.php. The manipulation of the argument id...

9.8 CVSS · 7.8 AI score · 0.00082 EPSS
Exploits: 1 · References: 10
Positive Technologies
added 2024/10/19 12:0 a.m. · 2 views

PT-2024-16069 · Unknown · Phpgurukul Boat Booking System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Boat Booking System version 1.0
Description: A critical issue has been found in the Sign In Page component of the PHPGurukul Boat Booking System, specifically in the /admin/index.php file. The manipulation of the username argument...

9.8 CVSS · 7.8 AI score · 0.00097 EPSS
Exploits: 1 · References: 11
CNNVD
added 2024/10/19 12:0 a.m. · 2 views

EsafeNet CDG SQL injection vulnerability

EsafeNet CDG is a document security management system from EsafeNet. EsafeNet CDG suffers from a SQL injection vulnerability, which stems from a misuse of the servername parameter that can lead to SQL injection...

8.8 CVSS · 7.3 AI score · 0.00097 EPSS
Exploits: 1 · References: 5
Positive Technologies
added 2024/10/19 12:0 a.m. · 2 views

PT-2024-16056 · Code Projects · Pharmacy Management System

Name of the Vulnerable Software and Affected Versions: code-projects Pharmacy Management System version 1.0
Description: A critical issue affects the processing of the file "/manage medicine.php?action=delete". The manipulation of the id argument leads to SQL injection. The attack can be initiate...

9.8 CVSS · 8.6 AI score · 0.00097 EPSS
Exploits: 1 · References: 10
BDU FSTEC
added 2024/10/18 12:0 a.m. · 2 views

The vulnerability of the sqlc_make_policyTrig component in the Virtuoso-opensource web application development platform allows an attacker to cause a service failure.

The vulnerability of the sqlc_make_policyTrig component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow a malicious actor to trigger a service failure using specially...

7.8 CVSS · 7.3 AI score · 0.00083 EPSS
Exploits: 1 · References: 5 · Affected Software: 3
BDU FSTEC
added 2024/10/18 12:0 a.m. · 5 views

The vulnerability of the dfe_qexp_list component in the Virtuoso-opensource web application development platform allows an attacker to trigger a service failure.

The vulnerability of the dfe_qexp_list component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created SQL...

7.8 CVSS · 7.3 AI score · 0.00144 EPSS
Exploits: 1 · References: 5 · Affected Software: 3
BDU FSTEC
added 2024/10/18 12:0 a.m. · 2 views

The vulnerability of the sinv_check_exp component in the Virtuoso-opensource web application development platform allows an attacker to trigger a service failure.

The vulnerability of the sinv_check_exp component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created SQL...

7.8 CVSS · 7.3 AI score · 0.00083 EPSS
Exploits: 1 · References: 5 · Affected Software: 3
BDU FSTEC
added 2024/10/18 12:0 a.m. · 1 views

The vulnerability of the _IO_default_xsputn component in the Virtuoso-opensource web application development platform allows an attacker to trigger a service failure.

The vulnerability of the _IO_default_xsputn component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created...

7.8 CVSS · 7.3 AI score · 0.00069 EPSS
Exploits: 1 · References: 5 · Affected Software: 3
BDU FSTEC
added 2024/10/18 12:0 a.m. · 1 views

The vulnerability of the stricmp component in the Virtuoso-opensource web application development platform allows an attacker to trigger a service failure.

The vulnerability of the stricmp component of the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created SQL...

7.8 CVSS · 7.3 AI score · 0.00072 EPSS
Exploits: 1 · References: 5 · Affected Software: 3
CNNVD
added 2024/10/18 12:0 a.m. · 1 views

Hikvision HikCentral Professional security vulnerability

Hikvision HikCentral Professional is a professional version of Hikvision's AI Cloud-based application management intelligence platform for edge domains. A security vulnerability exists in Hikvision HikCentral Professional versions V2.0.0 through V2.6.0, which is rooted in a susceptible SQL...

8.8 CVSS · 8 AI score · 0.00612 EPSS
Exploits: 0 · References: 2