6602 matches found
PT-2024-39412 · Unknown · Code-Projects Student Record System
Name of the Vulnerable Software and Affected Versions: code-projects Student Record System version 1.0 Description: A critical issue has been found in the code-projects Student Record System, affecting unknown code in the file /course.php. The manipulation of the coursename argument leads to SQL...
CVE-2024-9039
A vulnerability, which was classified as critical, has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=signup. The manipulation of the argument firstname/lastname/email leads to sql injection...
CVE-2024-9011
A vulnerability, which was classified as critical, was found in code-projects Crud Operation System 1.0. Affected is an unknown function of the file updata.php. The manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
The vulnerability of the loadModuleTable method in the Ivanti EPM endpoint management software allows a hacker to execute arbitrary code.
The vulnerability of the loadModuleTable method in the Ivanti EPM endpoint management software is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Navidrome SQL Injection Vulnerability
Navidrome is a web-based open source music collection server and streamer from Navidrome Open Source, used to freely listen to music collections from any browser or mobile device. A SQL injection vulnerability exists in Navidrome v0.52.5 and earlier versions, which stems from parameter names not being...
Code-Projects Blood Bank Management System SQL Injection Vulnerability
Code-Projects Blood Bank Management System is a Code-Projects open source blood bank management system. A SQL injection vulnerability exists in Code-Projects Blood Bank Management System version 1.0, which originates from a SQL injection vulnerability in the username/password parameters in the...
PT-2024-39363 · Unknown · Sourcecodester Best Online News Portal
Name of the Vulnerable Software and Affected Versions: SourceCodester Best Online News Portal version 1.0 Description: A critical vulnerability was found in the Comment Section of the SourceCodester Best Online News Portal. The issue affects unknown code in the file /news-details.php. The...
The vulnerability of the Pandora FMS system’s monitoring and management interface allows a perpetrator to execute arbitrary SQL queries and gain unauthorized access to protected information.
The vulnerability of the Pandora FMS system’s monitoring and management interface relates to the improper processing of SQL query headers. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries and gain unauthorized access to protected information...
The vulnerability of the Ivanti EPM endpoint management software lies in the lack of protective measures for the SQL query structure, allowing a hacker to execute arbitrary code.
The vulnerability of the Ivanti EPM endpoint management software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting specially crafted SQL code remotely...
Mautic Security Vulnerability
Mautic is an open source marketing automation software from Mautic Open Source. The software monitors and manages websites, sends emails and manages customer resources. Mautic suffers from a security vulnerability that stems from being susceptible to SQL injection attacks, which allow an attacker...
The vulnerability of the Ivanti EPM endpoint management software lies in the lack of protective measures for the SQL query structure, allowing a hacker to execute arbitrary code.
The vulnerability of the Ivanti EPM endpoint management software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting specially crafted SQL code remotely...
CVE-2024-8944
A vulnerability, which was classified as critical, was found in code-projects Hospital Management System 1.0. This affects an unknown part of the file checkavailability.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit...
SFS Consulting InsureE GL SQL Injection Vulnerability
SFS Consulting InsureE GL is an application from SFS Consulting. A SQL injection vulnerability exists in SFS Consulting InsureE GL versions prior to 4.6.2, which stems from improper neutralization of special elements, allowing SQL injection...
Code-Projects Crud Operation System SQL Injection Vulnerability
Code-Projects Crud Operation System is a Code-Projects open source application. Code-Projects Crud Operation System version 1.0 suffers from a SQL injection vulnerability that results from manipulation of the parameter sname...
Code-Projects Crud Operation System SQL Injection Vulnerability
Code-Projects Crud Operation System is a Code-Projects open source application. Code-Projects Crud Operation System version 1.0 suffers from a SQL injection vulnerability that stems from the parameter sid in the file /updatedata.php that can lead to SQL injection...
Ivanti Endpoint Manager SQL Injection Vulnerability
Ivanti Endpoint Manager (EPM) is a suite of endpoint security managers from Ivanti USA. An SQL injection vulnerability exists in Ivanti Endpoint Manager. An attacker exploiting this vulnerability could remotely execute code...
Ivanti Endpoint Manager SQL Injection Vulnerability
Ivanti Endpoint Manager (EPM) is a suite of endpoint security managers from Ivanti USA. An SQL injection vulnerability exists in Ivanti Endpoint Manager. An attacker exploiting this vulnerability could remotely execute code...
ORDAT FOSS-Online Security Vulnerability
ORDAT FOSS-Online is an enterprise resource management solution from ORDAT. A security vulnerability exists in ORDAT FOSS-Online versions prior to 2.24.01, which stems from the Forgot Password feature containing a SQL injection vulnerability...
Ivanti Endpoint Manager SQL Injection Vulnerability
Ivanti Endpoint Manager (EPM) is a suite of endpoint security managers from Ivanti USA. An SQL injection vulnerability exists in Ivanti Endpoint Manager. An attacker exploiting this vulnerability could remotely execute code...
PT-2024-38567 · WordPress · Adicon Server
Name of the Vulnerable Software and Affected Versions: Adicon Server WordPress plugin versions 1.2 and earlier Description: The Adicon Server WordPress plugin does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...