PT-2024-37575 · Bethesda · Bethesda Online Reservation System
Name of the Vulnerable Software and Affected Versions: Bethesda Online Reservation System version 1.0 Description: A critical issue has been found in the Bethesda Online Reservation System, affecting some unknown functionality of the file controller.php. The manipulation of the rmtype id argument...
A vulnerability in the FileCatalyst Workflow file exchange software stems from a lack of protective measures for the SQL query structure, allowing attackers to escalate their privileges.
The vulnerability in the FileCatalyst Workflow file sharing software relates to a lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to escalate their privileges by injecting specially crafted SQL queries...
Magarsus Consultancy SSO SQL Injection Vulnerability
Magarsus Consultancy SSO is a single sign-on application from Magarsus Consultancy. A SQL injection vulnerability exists in Magarsus Consultancy SSO Single Sign On versions 1.0 through 1.1, which arises from an improper neutralization of special elements used in SQL commands, insufficient...
VulnCheck KEV: CVE-2023-2215
A vulnerability classified as critical has been found in Campcodes Coffee Shop POS System 1.0. Affected is an unknown function of the file /admin/user/manageuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
Intrado 911 Emergency Gateway Security Vulnerability
Intrado 911 Emergency Gateway is an on-premise management appliance from Intrado USA. A security vulnerability exists in Intrado 911 Emergency Gateway that stems from a login form that is susceptible to a blind SQL injection attack, which allows an attacker to execute malicious code, steal data, ...
CVE-2024-5989
Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™...
Rockwell Automation ThinManager Security Vulnerability
Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, Inc. It allows thin clients to be assigned to multiple remote desktop servers simultaneously. An input validation error vulnerability exists in Rockwell Automation ThinManager ThinServer, which can be...
OpenCart Security Vulnerability
OpenCart is an open source online store management system for creating and managing e-commerce websites. It is known for its user-friendliness and flexibility for online stores of different sizes. OpenCart suffers from an SQL injection vulnerability that stems from the presence of an SQL injectio...
PT-2024-37496 · Unknown · Pear Admin Boot
Name of the Vulnerable Software and Affected Versions: Pear Admin Boot versions up to 2.0.2 Description: A critical vulnerability has been found in Pear Admin Boot, affecting an unknown function of the file /system/dictData/loadDictItem. The manipulation leads to sql injection, and it is possible...
PT-2024-37485 · Unknown · Sourcecodester Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Food Ordering System version 1.0 Description: A critical issue was found in the itsourcecode Online Food Ordering System, affecting some unknown functionality of the file /purchase.php. The manipulation of the customer...
Food Ordering Management System SQL Injection Vulnerability
Food Ordering Management System is a food ordering management system by Carlo Montero, an individual developer. It provides an online platform to order food from a restaurant or fast food chain. A SQL injection vulnerability exists in Food Ordering Management System version 1.0, which stems from...
WordPress plugin Media Library Assistant security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
Farm Management System SQL Injection Vulnerability
Farm Management System is an itsourcecode open source farm management system. A SQL injection vulnerability exists in itsourcecode Farm Management System version 1.0, which originates from the index.php in the component Login, which contains some unknown functions that lead to SQL injection via t...
Loan Management System SQL Injection Vulnerability
Loan Management System is a loan management system by razormist, an individual developer. A SQL injection vulnerability exists in itsourcecode Loan Management System version 1.0, which is caused by an unknown function in login.php in the component Login, which leads to SQL injection via the parameter...
PrestaShop Security Vulnerability
PrestaShop is an open source e-commerce solution from the American company PrestaShop. The solution provides multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop pkfacebook 1.0.1 and prior versions, which stems from the presence o...
PrestaShop Security Vulnerability
PrestaShop is an open source e-commerce solution from the American company PrestaShop. The solution provides multiple payment methods, short message alerts and product image zoom. A security vulnerability exists in PrestaShop Channable 3.2.1 and earlier versions, which stems from the presence of...
CVE-2024-38347
CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Room Information module via the id parameter...
CVE-2024-37799
CodeProjects Restaurant Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the reservid parameter at viewreservations.php...
Health Care hospital Management System SQL Injection Vulnerability
Health Care hospital Management System is an open source health care hospital management system from Code-Projects. A SQL injection vulnerability exists in Health Care hospital Management System v1.0, which originates from a SQL injection vulnerability in the searvalu parameter in the Staff Info...
Dolibarr ERP/CRM Security Vulnerability
Dolibarr ERP/CRM is a web-based enterprise resource planning (ERP) and customer relationship management (CRM) system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A security vulnerability exists in Dolibarr ERP/CRM version...