6602 matches found
Society Management System SQL injection vulnerability
Society Management System is an open source society management system from itsourcecode. A SQL injection vulnerability exists in Society Management System version 1.0, which stems from improper handling of the expensesid parameter that can lead to SQL injection...
PT-2024-11629 · Dropbox · Dropbox
Name of the Vulnerable Software and Affected Versions: Dropbox (affected versions not specified). Description: The issue concerns a SQL injection vulnerability. No specific details about the vulnerability, affected devices, or real-world incidents are provided. Recommendations: At the moment, there ...
Complaints Report Management System SQL injection vulnerability
Complaints Report Management System is a complaints report management system by the individual developer Carlo Montero. A SQL injection vulnerability exists in Complaints Report Management System version 1.0, which is caused by an SQL injection vulnerability in the id parameter of the...
PT-2024-38084 · Unknown · Tianchoy/Blog
Name of the Vulnerable Software and Affected Versions: Tianchoy Blog versions up to 1.8.8. Description: A critical issue has been found, affecting an unknown part of the file /so.php. The manipulation of the search argument leads to SQL injection. It is possible to initiate the attack remotely. Th...
ChurchCRM security vulnerability
ChurchCRM is an open source CRM system for churches. ChurchCRM 5.8.0 and prior versions suffer from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands t...
Online-Payroll-Management-System SQL injection vulnerability
Online-Payroll-Management-System is an online payroll management system by the individual developer MD MAFUJUL HASAN. A SQL injection vulnerability exists in Online-Payroll-Management-System version 20230911 and prior versions, which stems from an incorrect manipulation of the parameter id that c...
Tianchoy Blog SQL injection vulnerability
Tianchoy Blog is a blog site by the individual developer Tianchoy. A SQL injection vulnerability exists in Tianchoy Blog version 1.8.8 and earlier versions, which stems from improper handling of the search parameter that can lead to SQL injection...
RHUB TurboMeeting security vulnerability
RHUB TurboMeeting is a collaboration solution from RHUB Corp. It provides web conferencing, remote support, audio conferencing, video conferencing, remote access, and webinar support. A security vulnerability exists in RHUB TurboMeeting versions prior to 8.X. The vulnerability is caused by a remo...
A vulnerability in the getFilterString method of the firmware for network devices of the ProSAFE Network Management System (NMS300) allows an attacker to execute arbitrary code.
The vulnerability in the getFilterString method of the ProSAFE Network Management System NMS300 firmware stems from a lack of measures to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
A vulnerability in the testServiceExistence() function of the Centreon IT infrastructure monitoring software allows an attacker to execute arbitrary code.
The vulnerability in the testServiceExistence function of the Centreon IT infrastructure monitoring software stems from a lack of measures to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
A vulnerability in the Siemens RUGGEDCOM CROSSBOW access control system stems from a lack of measures to protect the SQL query structure and allows attackers to execute arbitrary SQL queries against the database.
The vulnerability in the Siemens RUGGEDCOM CROSSBOW access control system stems from a lack of measures to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries against the database...
A vulnerability in the Arfa-CMS content management system stems from a lack of measures to protect the SQL query structure and allows the execution of arbitrary SQL queries.
The vulnerability in the Arfa-CMS content management system stems from a lack of measures to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries remotely...
CVE-2024-39250
EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQL injection vulnerability via the q parameter in the search web interface...
WordPress ListingPro plugin <= 2.9.4 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Rafie Muhammad (Patchstack) in WordPress Plugin ListingPro (versions <= 2.9.4)...
CVE-2024-38773
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Blind SQL Injection. This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.17...
CVE-2024-6967
A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been classified as critical. This affects an unknown part of the file /employeegatepass/admin/?page=employee/manageemployee. The manipulation of the argument id leads to SQL injection. It is...
WordPress uipress-lite plugin <= 3.4.06 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Nguyễn Trung Kiên (Patchstack Alliance) in WordPress Plugin UiPress lite (versions <= 3.4.06)...
CVE-2024-0857
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Universal Software Inc. FlexWater Corporate Water Management allows SQL Injection. This issue affects FlexWater Corporate Water Management: before 5.452.0...
CVE-2024-40392
SourceCodester Pharmacy/Medical Store Point of Sale System Using PHP/MySQL and Bootstrap Framework with Source Code 1.0 was discovered to contain a SQL injection vulnerability via the name parameter under addnew.php...
Apache Superset security vulnerability
Apache Superset is a data visualization and data exploration platform from the Apache Software Foundation. Apache Superset suffers from a SQL injection vulnerability that can be exploited by an attacker to view, add, modify, or delete information in the back-end database...