6602 matches found
WordPress plugin TI WooCommerce Wishlist SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
PT-2024-30334
Name of the Vulnerable Software and Affected Versions StylemixThemes Cost Calculator Builder versions 3.2.15 and earlier Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows unauthorized database...
SportsNET SQL Injection Vulnerability
SportsNET is a sports event network application from SportsNET, Inc. SportsNET suffers from a SQL injection vulnerability that can be exploited by an attacker to retrieve, update, and delete all information in the database via a specially crafted SQL query...
WordPress plugin Registrations for the Events Calendar SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress plug...
Hitachi Energy MicroSCADA X SYS600 SQL Injection Vulnerability
Hitachi Energy MicroSCADA X SYS600 is a SCADA product from Hitachi, Japan. It ensures optimal control and reliable operation of your switching station through seamless integration and connectivity between different devices and systems. A SQL injection vulnerability exists in Hitachi Energy...
Brain Low-Code SQL Injection Vulnerability
Brain Low-Code is a software development platform from Brain Low-Code that requires little to no coding to build applications and processes. An SQL injection vulnerability exists in versions of Brain Low-Code prior to 2.1.0. No information about this vulnerability is available at this time, so st...
RuoYi Security Vulnerability
RuoYi is a backend management system for individual developers of RuoYi in China. A security vulnerability exists in RuoYi version 4.7.9, which originates from a SQL injection vulnerability in the jobid parameter via /sasfs1...
The vulnerability of the SIEM system testing tool Kraken Stress Testing Toolkit lies in the lack of measures taken to protect the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of the SIEM systems’ load testing tools, such as the Kraken Stress Testing Toolkit, is related to the lack of measures taken to protect SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting specially crafted data into...
CVE-2024-8139
A vulnerability has been found in itsourcecode E-Commerce Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file searchlist.php. The manipulation of the argument user leads to sql injection. The attack can be launched remotely. The exploit h...
OESA-2024-2056 postgresql security update
PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
ZOHO ManageEngine ADAudit Plus Security Vulnerability
ZOHO ManageEngine ADAudit Plus is ZOHO's solution for simplifying audits, proving compliance and detecting threats. ZOHO ManageEngine ADAudit Plus prior to version 8000 suffers from a SQL injection vulnerability that can be exploited by an attacker to execute arbitrary SQL commands...
ZOHO ManageEngine ADAudit Plus Security Vulnerability
ZOHO ManageEngine ADAudit Plus is ZOHO's solution for simplifying audits, proving compliance and detecting threats. A SQL injection vulnerability exists in ZOHO ManageEngine ADAudit Plus prior to version 8121, which can be exploited by an attacker to execute custom queries and access database tab...
Centreon Web Security Vulnerability
Centreon Web is a set of open source system monitoring tools from the French company Centreon. The product provides monitoring capabilities for network, system and application resources. A security vulnerability exists in Centreon Web, which originates from a SQL injection vulnerability in the...
PT-2024-5844 · Centreon · Centreon Web
Name of the Vulnerable Software and Affected Versions: Centreon Web versions 22.10.0 through 22.10.22 Centreon Web versions 23.04.0 through 23.04.18 Centreon Web versions 23.10.0 through 23.10.12 Centreon Web versions 24.04.0 through 24.04.2 Description: A SQL Injection vulnerability exists in th...
PT-2024-40507 · Diesel · Diesel
Name of the Vulnerable Software and Affected Versions: Diesel versions prior to 2.2.3 Description: The issue concerns a SQL injection vulnerability that can be exploited by encoding a value larger than 4GiB, causing the length prefix in the protocol to overflow. This can lead to the server...
WordPress WBW Product Table PRO plugin <= 1.9.4 - Unauthenticated Arbitrary SQL Query Execution vulnerability
Unauthenticated Arbitrary SQL Query Execution vulnerability discovered by Dave Jong Patchstack in WordPress Plugin WBW Product Table PRO versions <= 1.9.4...
Payroll Management System SQL Injection Vulnerability
Payroll Management System is an open source payroll management system from itsourcecode. Payroll Management System version 1.0 has a SQL injection vulnerability, which stems from the username parameter of the login.php file...
Kashipara Music Management System Security Vulnerability
Kashipara Music Management System is a music management system from Kashipara. Kashipara Music Management System v1.0 suffers from a SQL injection vulnerability, which originates from the lack of validation of the id parameter of /music/controller.php?page=viewmusic against external SQL input,...
CVE-2024-42567
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the sid parameter at /search.php?action=2...
itsourcecode Project Expense Monitoring System SQL Injection Vulnerability
Project Expense Monitoring System is an open source project expense monitoring system from itsourcecode. The SQL injection vulnerability exists in itsourcecode Project Expense Monitoring System version 1.0, which originates from a SQL injection vulnerability in the transferid parameter of the...