Health Care hospital Management System SQL Injection Vulnerability
Health Care hospital Management System is an open source health care hospital management system from Code-Projects. A SQL injection vulnerability exists in Health Care hospital Management System v1.0, which originated from a vulnerability that allows an attacker to execute arbitrary web script or...
Best House Rental Management System SQL Injection Vulnerability
Best House Rental Management System is a house rental management system by Mayuri K., an individual developer. A SQL injection vulnerability exists in Best House Rental Management System version 1.0, which stems from a manipulation of the parameter monthof that can lead to SQL injection...
The vulnerability of the wpDataTables plugin (Premium) in the WordPress content management system allows a hacker to execute arbitrary SQL queries.
The vulnerability of the wpDataTables plugin Premium in the WordPress content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries through the idkey parameter in the...
Advantech iView SQL Injection Vulnerability (CNVD-2025-30966)
Advantech iView is software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that originates from not properly validating a user-supplied string before using it in a SQL query, whic...
Gym Management System SQL Injection Vulnerability
Gym Management System is a gym management system. The system is developed in C and SQL Server and features customer and supplier management, product management, sales management, gym membership management, fitness assessment, system logging, and database backup and restore. A SQL injection...
Netentsec NS-ASG Application Security Gateway SQL Injection Vulnerability
NetentSec NS-ASG Application Security Gateway is an application security gateway from China NetentSec. A SQL injection vulnerability exists in Netentsec NS-ASG Application Security Gateway version 6.3, which originates from the parameter messagecontent in the file...
Online Bookstore SQL Injection Vulnerability
Online Book Store is an online bookstore by Arvin Arandilla, a personal developer. A SQL injection vulnerability exists in Online Bookstore version 1.0, which is caused by book.php containing an unknown function that causes SQL injection via the parameter bookisbn...
PT-2024-29406 · WordPress · Search & Replace
Name of the Vulnerable Software and Affected Versions: Search & Replace WordPress plugin versions prior to 3.2.2. Description: The issue allows admins to perform SQL injection attacks due to a parameter not being sanitized and escaped before use in a SQL statement. This can be particularly...
Payroll Management System SQL Injection Vulnerability
Payroll Management System is a payroll management system developed by Carlo Montero. A SQL injection vulnerability exists in Payroll Management System version 1.0, which stems from the inclusion of some unknown functions in printpayroll.php that cause SQL injection via the parameter id...
PT-2024-8591 · Ivanti · Ivanti Endpoint Manager
Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2024 November Security Update; Ivanti Endpoint Manager versions prior to 2022 SU6 November Security Update. Description: The issue is related to SQL injection in Ivanti Endpoint Manager, which can be...
CVE-2024-35305
Unauthenticated time-based SQL injection in the API allows exploitation of the HTTP request Authorization header. This issue affects Pandora FMS: from 700 through 777...
The vulnerability of the NotificationX plugin of the WordPress content management system allows a hacker to execute arbitrary SQL queries.
The vulnerability of the NotificationX plugin in the WordPress content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
The functionality of the pages.php component in the Content Management System allows a hacker to execute arbitrary code or enhance their privileges.
The vulnerability of the pages.php component in the Content Management System software is related to the failure to implement measures to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code or gain increased privileges...
The vulnerability of the GetDBPatches method in the Ivanti Endpoint Manager software for managing endpoints in information networks allows a hacker to execute arbitrary code.
The vulnerability of the GetDBPatches method in the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a...
The vulnerability of the GetVulnerabilitiesDataTable method in the Ivanti Endpoint Manager software for managing endpoints in information networks allows a hacker to execute arbitrary code.
The vulnerability of the GetVulnerabilitiesDataTable method in the Ivanti Endpoint Manager software for managing endpoints in information networks is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary...
The vulnerability of the GetDBVulnerabilities method in the Ivanti Endpoint Manager software for managing endpoints in information networks allows a hacker to execute arbitrary code.
The vulnerability of the GetDBVulnerabilities method in the Ivanti Endpoint Manager software for managing endpoints in information networks is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
CVE-2024-35750
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album. This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3...
The vulnerability of the GetLogFileRulesNameUniqueSQL method in the Ivanti Endpoint Manager software for managing endpoints in information networks allows an attacker to execute arbitrary code.
The vulnerability of the GetLogFileRulesNameUniqueSQL method in the Ivanti Endpoint Manager software for managing endpoints in information networks is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrar...
PT-2024-6312 · Ivanti · Ivanti Epm
Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions prior to 2022 SU6; Ivanti EPM versions prior to the 2024 September update. Description: The issue is related to an unspecified SQL injection in Ivanti EPM, which allows a remote authenticated attacker with admin privileges t...
Chanjet Smooth T+system SQL Injection Vulnerability
Chanjet Smooth T+system is an enterprise management software from China's Changjitong Chanjet, which is mainly for small and medium-sized enterprises, providing comprehensive solutions for finance, business, production and supply chain management. The system is designed to help enterprises realiz...