PT-2024-39844 · Unknown · Code-Projects Blood Bank System
Name of the Vulnerable Software and Affected Versions: code-projects Blood Bank System version 1.0 Description: A critical issue was found in the code-projects Blood Bank System, affecting an unknown function of the file register.php. The manipulation of the user argument leads to SQL injection. ...
LyLme Spage SQL Injection Vulnerability
LyLme Spage (six zero navigation page) is an open source navigation page from LyLme (six zero), China. It is dedicated to being a simple, efficient, advertising-free Internet navigation and search portal, with support for background links, custom search engines, accumulation of the most valuable links, no commercial...
EsafeNet CDG SQL Injection Vulnerability
EsafeNet CDG is a document security management system from EsafeNet. A SQL injection vulnerability exists in EsafeNet CDG version V5; it stems from the id parameter of the file /CDGServer3/document/Catelogs;logindojojs?command=DelCatelogs, which leads to SQL injection...
Cavok SQL Injection Vulnerability
Cavok is an application from Cavok, Inc. Cavok suffers from a SQL injection vulnerability that stems from improper neutralization of special elements...
SonarSource SonarQube Security Vulnerability
SonarSource SonarQube is an open source code quality management system from SonarSource, Switzerland. A security vulnerability exists in SonarSource SonarQube version 10.4 up to and including 10.6. An attacker can exploit the vulnerability to inject blind SQL commands...
CADClick Security Vulnerability
CADClick is a software solution from CADClick, Inc. that creates interactive catalogs of 2D/3D CAD data for individual customer CAD catalogs. A security vulnerability exists in CADClick v1.11.0 and earlier versions that stems from the presence of a SQL injection vulnerability that allows remote...
The vulnerability of the software solutions for control, management, and audit, namely Zoho ManageEngine Password Manager Pro, and the ManageEngine Privileged Access Manager 360 (PAM360) software, allows a perpetrator to execute arbitrary code.
The vulnerability of the Zoho ManageEngine Password Manager Pro and the ManageEngine Privileged Access Manager 360 PAM360 software solutions lies in the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability could allow a...
The vulnerability of the web application for managing rental housing, the Campcodes House Rental System, arises from the lack of measures to protect the SQL query structure. This allows attackers to execute arbitrary SQL queries.
The vulnerability of the web application for managing rental housing, Campcodes House Rental System, is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
The vulnerability of the query_ptask_lean function in the MCUDBHelper component of the PowerPanel Enterprise monitoring and power source management system allows a perpetrator to disclose protected information.
The vulnerability of the query_ptask_lean function in the MCUDBHelper component of the PowerPanel Enterprise monitoring and power source management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow an attacker to disclose...
Codezips Online Shopping Portal SQL Injection Vulnerability
Codezips Online Shopping Portal is an open source online store system from Codezips. A SQL injection vulnerability exists in Codezips Online Shopping Portal version 1.0, which stems from an incorrect operation of the username parameter that can lead to SQL injection...
EsafeNet CDG Security Vulnerability
EsafeNet CDG is a document security management system from EsafeNet. A security vulnerability exists in EsafeNet CDG version V5, which is caused by a SQL injection vulnerability in the id parameter of the NavigationAjax interface...
Advocate Office Management System SQL Injection Vulnerability
Advocate Office Management System is an office management system by individual developer Mayuri K. A SQL injection vulnerability exists in Advocate Office Management System version 1.0, which originates from the id parameter of the /control/editclient.php page...
PT-2024-39128
Name of the Vulnerable Software and Affected Versions: ValeApp versions prior to 2.0.0 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection, potentially compromising the securit...
yylAdmin SQL Injection Vulnerability
yylAdmin is a minimalist backend management system based on ThinkPHP8 and Vue3 by individual developer skyselang. A SQL injection vulnerability exists in yylAdmin 3.0 and earlier versions; the vulnerability stems from the parameter isdisable in the file /app/admin/controller/file/File.php which can...
PT-2024-32277 · Ipswitch · Whatsup Gold
Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2024.0.1 Description: A SQL Injection issue allows an authenticated low-privileged user, with at least Report Viewer permissions, to escalate privileges to the admin account. This issue can be exploited by a use...
PT-2024-39549 · Unknown · Dingfanzu Cms
Name of the Vulnerable Software and Affected Versions: dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c Description: A critical issue has been found in the software, affecting some unknown functionality of the file saveNewPwd.php. The manipulation of the username argument leads to sql...
WordPress The Events Calendar plugin <= 6.6.4 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Foxyyy in WordPress Plugin The Events Calendar versions <= 6.6.4...
RIELLO UPS NetMan SQL Injection Vulnerability
RIELLO UPS NetMan is a network adapter from RIELLO UPS, Italy. A security vulnerability exists in RIELLO UPS NetMan version 204 4.05, which originates from improper neutralization of special elements, resulting in a SQL injection vulnerability...