
6602 matches found

CNNVD
added 2024/08/02 12:0 a.m. · 4 views

Horizon Business Services Caterease Security Vulnerability

Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from improper neutralization of...

CVSS 9.8 · AI score 7 · EPSS 0.06596
Exploits: 0 · References: 4
OSV
added 2024/08/01 9:16 p.m. · 4 views

CVE-2024-7366

A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=login of the component Login. The manipulation of the argument username leads to SQL injection. It is possible to...

CVSS 9.8 · AI score 5.7
Exploits: 0 · References: 4
CNNVD
added 2024/08/01 12:0 a.m. · 1 view

SourceCodester Simple Realtime Quiz System Security Vulnerability

SourceCodester Simple Realtime Quiz System is a real-time quiz system from SourceCodester, Inc. A security vulnerability exists in version 1.0 of the SourceCodester Simple Realtime Quiz System, which stems from an SQL injection vulnerability in the id parameter of the /managequiz.php file...

CVSS 8.8 · AI score 7 · EPSS 0.00147
Exploits: 1 · References: 5
CNNVD
added 2024/08/01 12:0 a.m. · 3 views

SourceCodester Tracking Monitoring Management System SQL Injection Vulnerability

SourceCodester Tracking Monitoring Management System is a monitoring management system from SourceCodester Inc. A SQL injection vulnerability exists in SourceCodester Tracking Monitoring Management System version 1.0, which is caused by an SQL injection vulnerability in the id parameter of the...

CVSS 9.8 · AI score 7 · EPSS 0.00097
Exploits: 1 · References: 5
CNNVD
added 2024/08/01 12:0 a.m. · 2 views

SourceCodester Tracking Monitoring Management System SQL Injection Vulnerability

SourceCodester Tracking Monitoring Management System is a monitoring management system from SourceCodester Inc. A SQL injection vulnerability exists in SourceCodester Tracking Monitoring Management System version 1.0, which originates from an SQL injection vulnerability in the id parameter of the...

CVSS 9.8 · AI score 7 · EPSS 0.00181
Exploits: 1 · References: 5
CNNVD
added 2024/08/01 12:0 a.m. · 2 views

SourceCodester Simple Realtime Quiz System SQL Injection Vulnerability

SourceCodester Simple Realtime Quiz System is a real-time quiz system from SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester Simple Realtime Quiz System version 1.0, which stems from an SQL injection vulnerability in the quiz parameter of the /quizboard.php file...

CVSS 8.8 · AI score 7 · EPSS 0.00194
Exploits: 1 · References: 2
OSV
added 2024/07/31 11:15 a.m. · 2 views

CVE-2024-7320

A vulnerability classified as critical has been found in itsourcecode Online Blood Bank Management System 1.0. This affects an unknown part of the file /admin/index.php of the component Admin Login. The manipulation of the argument user leads to SQL injection. It is possible to initiate the attac...

CVSS 9.8 · AI score 5.7 · EPSS 0.00245
Exploits: 1 · References: 4
Positive Technologies
added 2024/07/31 12:0 a.m. · 4 views

PT-2024-5757 · Unknown · Kraken Stress Testing Toolkit

Name of the Vulnerable Software and Affected Versions: Kraken Stress Testing Toolkit (affected versions not specified). Description: The issue is related to the lack of protection for the SQL query structure in the Kraken Stress Testing Toolkit, a tool for load testing SIEM systems. This can be...

CVSS 9 · AI score 8.3
Exploits: 0 · References: 2
CNNVD
added 2024/07/31 12:0 a.m. · 2 views

Establishment Billing Management System SQL Injection Vulnerability

Establishment Billing Management System is a billing management system by oretnom23 Individual Developer. An SQL injection vulnerability exists in the Establishment Billing Management System version 1.0, which stems from an incorrect manipulation of the parameter id that can lead to SQL injection...

CVSS 8.8 · AI score 7.3 · EPSS 0.00057
Exploits: 1 · References: 5
CNNVD
added 2024/07/31 12:0 a.m. · 1 view

Establishment Billing Management System Security Vulnerability

Establishment Billing Management System is a billing management system by oretnom23 individual developer. A security vulnerability exists in Establishment Billing Management System version 1.0, which stems from an incorrect manipulation of the parameter id that can lead to SQL injection...

CVSS 8.8 · AI score 6.8 · EPSS 0.00106
Exploits: 1 · References: 5
Positive Technologies
added 2024/07/31 12:0 a.m. · 2 views

PT-2024-38228 · Sourcecodester · Sourcecodester Lot Reservation Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Lot Reservation Management System version 1.0. Description: A critical issue was found in the system, affecting the file /admin/ajax.php?action=login. The manipulation of the username argument leads to SQL injection. This issue...

CVSS 9.8 · AI score 7.6 · EPSS 0.00181
Exploits: 1 · References: 8
CNNVD
added 2024/07/31 12:0 a.m. · 2 views

Xinhu RockOA SQL Injection Vulnerability

Xinhu RockOA is an office OA system of China Xinhu Company. A SQL injection vulnerability exists in Xinhu RockOA version 2.6.2, which originates from the parameter nickName in the function dataAction /webmain/task/openapi/openmodhetongAction.php, which can lead to SQL injection...

CVSS 8.8 · AI score 7 · EPSS 0.00095
Exploits: 1 · References: 5
CNNVD
added 2024/07/31 12:0 a.m. · 2 views

Establishment Billing Management System SQL Injection Vulnerability

Establishment Billing Management System is a billing management system by oretnom23 Individual Developer. An SQL injection vulnerability exists in the Establishment Billing Management System version 1.0, which stems from an incorrect manipulation of the parameter id that can lead to SQL injection...

CVSS 8.8 · AI score 7.3 · EPSS 0.00057
Exploits: 1 · References: 5
BDU FSTEC
added 2024/07/31 12:0 a.m. · 1 view

The vulnerability in the OpenResty web platform’s control panel for the Linux server 1Panel involves a lack of security measures regarding the SQL query structure. This allows attackers to execute arbitrary code and upload any files they desire.

The vulnerability of the OpenResty web platform’s control panel for the Linux server 1Panel relates to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and upload arbitrary files...

CVSS 10 · AI score 6.2 · EPSS 0.68287
Exploits: 2 · References: 4 · Affected Software: 2
BDU FSTEC
added 2024/07/31 12:0 a.m. · 1 view

The vulnerability of the HUSKY plugin – Products Filter Professional for WooCommerce (formerly WOOF) of the WordPress content management system – relates to the failure to protect the SQL query structure. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the HUSKY plugin – Products Filter Professional for WooCommerce previously WOOF of the WordPress content management system – is related to the lack of protection for the SQL query structure when processing the woofauthor parameter. Exploiting this vulnerability allows an...

CVSS 10 · AI score 5.6 · EPSS 0.08475
Exploits: 0 · References: 6 · Affected Software: 1
ATTACKERKB
added 2024/07/30 1:15 p.m. · 2 views

CVE-2024-6699

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mikafon Electronic Inc. Mikafon MA7 allows SQL Injection. This issue affects Mikafon MA7: from v3.0 before v3.1...

CVSS 9.8 · AI score 5.6 · EPSS 0.0014
Exploits: 0 · References: 3 · Affected Software: 1
CNNVD
added 2024/07/30 12:0 a.m. · 2 views

SiberianCMS SQL Injection Vulnerability

SiberianCMS is an enterprise-level content management system that offers a variety of features for creating and managing web content. SiberianCMS suffers from a SQL injection vulnerability that originates from the system failing to properly neutralize special elements in SQL commands. The...

CVSS 9.8 · AI score 8.3 · EPSS 0.00188
Exploits: 0 · References: 2
CNNVD
added 2024/07/30 12:0 a.m. · 2 views

Hewlett Packard Enterprise ClearPass Policy Manager Security Vulnerability

Hewlett Packard Enterprise ClearPass Policy Manager is a wireless network security access management system from Hewlett Packard Enterprise. A security vulnerability exists in Hewlett Packard Enterprise ClearPass Policy Manager that originates from a vulnerability that could allow an authenticate...

CVSS 8.8 · AI score 7.8 · EPSS 0.00774
Exploits: 0 · References: 2
OSV
added 2024/07/29 7:15 p.m. · 2 views

CVE-2024-37858

SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/managecategory.php...

CVSS 9.8 · AI score 5.9 · EPSS 0.00462
Exploits: 2 · References: 3
OSV
added 2024/07/29 9:15 a.m. · 3 views

CVE-2024-7191

A vulnerability, which was classified as critical, has been found in itsourcecode Society Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/getbalance.php. The manipulation of the argument studentid leads to SQL injection. The attack may be launched...

CVSS 9.8 · AI score 5.7 · EPSS 0.00097
Exploits: 1 · References: 4