Facebook News Feed Like SQL注入漏洞

Facebook News Feed Like is a Facebook-like application by oretnom23 Individual Developer. A SQL injection vulnerability exists in Facebook News Feed Like version 1.0, which stems from the fact that incorrect manipulation of the parameter page can lead to sql injection...

CVE-2024-34932

A SQL injection vulnerability in /model/updateexam.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter...

CVE-2024-35085

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in ProcessDefinitionMapper.xml...

CVE-2024-34928

A SQL injection vulnerability in /model/updatesubjectrouting.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter...

PT-2024-3894 · Ivanti · Ivanti Epm

Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions 2022 SU5 and prior Description: The issue exists due to the lack of neutralization of special elements used in the operating system command by the GetDBPatchProducts function in Ivanti EPM. This allows an unauthenticated...

Campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the month...

Campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the name...

Campcodes Complete Web-Based School Management System SQL注入漏洞

Campcodes Complete Web-Based School Management System is a web-based school management system from Campcodes, Inc. An SQL injection vulnerability exists in the Complete Web-Based School Management System version 1.0, which stems from an incorrect operation of the parameter index that can lead to...

J2EEFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from SysMsgPushMapper.xml findPage...

J2EEFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the SysTenantMapper.xml findPage...

Campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in the Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the...

PT-2024-35238 · Campcodes · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A critical issue affects the processing of the file /view/unread msg.php, where the manipulation of the my index argument leads to SQL injection. This issue can be...

Campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the...

Vulnerabilities fixed in Atlassian products

Atlassian has fixed vulnerabilities in several products, including Jira, Confluence and Bitbucket. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: - Cross-Site Request Forgery XSRF - Denial-of-Service DoS. - Circumvention of...

CVE-2024-3518

The Media Library Assistant plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcodes in all versions up to, and including, 3.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

The vulnerability of the Video Station photo album creation application, related to the lack of measures to protect the SQL query structure, allows attackers to execute arbitrary code.

The vulnerability of the Video Station photo album creation application is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the QuMagie multimedia file storage application for QNAP NAS lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary code.

The vulnerability of the QuMagie multimedia file storage application for QNAP NAS is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2023-49334

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report...

CVE-2024-5116

A vulnerability, which was classified as critical, has been found in SourceCodester Online Examination System 1.0. Affected by this issue is some unknown functionality of the file save.php. The manipulation of the argument vote leads to sql injection. The attack may be launched remotely. The...

CVE-2024-5114

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacherattendancehistory1.php. The manipulation of the argument index leads to sql injection. It is possible to launch the attack...