The vulnerability of the Zabbix Workstation universal monitoring system, related to errors in processing input data, allows an intruder to execute arbitrary code.
The vulnerability of the Zabbix Workstation universal monitoring system is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing a specially crafted SQL query remotely...
Event Registration System SQL Injection Vulnerability
Event Registration System is a QR code based event registration system by individual developer Carlo Montero. An SQL injection vulnerability exists in Event Registration System version 1.0, which originates from an unknown function in /admin/login.php that causes SQL injection via the...
Event Registration System SQL Injection Vulnerability
Event Registration System is a QR code based event registration system by individual developer Carlo Montero. An SQL injection vulnerability exists in Event Registration System version 1.0, which originates from an unknown function in /classes/Master.php that causes SQL injection via the...
ZOHO ManageEngine ADAudit Plus Security Vulnerability
ZOHO ManageEngine ADAudit Plus is used by ZOHO USA, Inc. to simplify auditing, demonstrate compliance and detect threats. A security vulnerability exists in ZOHO ManageEngine ADAudit Plus prior to version 7271, which stems from a vulnerability that allows SQL injection in dashboard graphical...
Simple Inventory System SQL Injection Vulnerability
Simple Inventory System is a simple inventory system by individual developer argie. SourceCodester Simple Inventory System version 1.0 suffers from a SQL injection vulnerability that stems from the parameter ITEM in the file updateprice.php that can lead to SQL injection...
PT-2024-34490 · Sourcecodester · Sourcecodester Simple Inventory System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Inventory System version 1.0 Description: A critical issue has been found in the SourceCodester Simple Inventory System, affecting the file tableedit.php. The manipulation of the from and to arguments leads to SQL...
Vulnerability of the Server component: The Audit Plug-in of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Server component: The Audit Plug-in of the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL protocol...
OpenText Operations Bridge Reporter Security Vulnerability
OpenText Operations Bridge Reporter is an informational reporting software from OpenText designed to provide organizations with resource, event, and response time reporting across server, network, and application environments. A security vulnerability exists in OpenText Operations Bridge Reporter...
CVE-2024-4925
A vulnerability was found in SourceCodester School Intramurals Student Attendance Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /intramssams/managecourse.php. The manipulation of the argument id leads to SQL injection. The attack may be...
PT-2024-33471 · Sourcecodester · Sourcecodester Simple Online Bidding System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Online Bidding System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /simple-online-bidding-system/admin/index.php?page=manage product. The...
Rockwell Automation FactoryTalk View SE Security Vulnerability
Rockwell Automation FactoryTalk View SE is an industrial automation system view interface from Rockwell Automation. Rockwell Automation FactoryTalk View SE suffers from a SQL injection vulnerability that can be exploited by an attacker to view, add, modify, or delete information in a back-end...
PT-2024-27606 · WordPress · The Visualizer: Tables/Charts Manager
Name of the Vulnerable Software and Affected Versions: The Visualizer: Tables and Charts Manager for WordPress versions up to, and including, 3.10.15 Description: The issue is related to a missing capability check on the getQueryData function, allowing authenticated attackers with subscriber-leve...
PT-2024-33658 · Unknown · Simple Chat System
Name of the Vulnerable Software and Affected Versions: code-projects Simple Chat System version 1.0 Description: A critical issue has been found in the Simple Chat System, affecting an unknown part of the file /login.php. The manipulation of the email/password argument leads to SQL injection. It ...
TONGDA Office Anywhere SQL Injection Vulnerability
TONGDA Office Anywhere is a collaborative office OA system. A SQL injection vulnerability exists in TONGDA Office Anywhere 2017, which stems from the fact that incorrect operation of the parameter MIDSTR can lead to SQL injection...
Online Examination System SQL Injection Vulnerability
Projectworlds Online Examination System is an online examination system from Projectworlds India. A SQL injection vulnerability exists in Online Examination System version 1.0, which stems from result.php containing unknown code that causes SQL injection via the parameter id...
DigiWin EasyFlow .NET SQL Injection Vulnerability
Digiwin DigiWin EasyFlow .NET is an enterprise-level workflow management WFM platform from Digiwin Software Taiwan, China. DigiWin EasyFlow .NET suffers from a SQL injection vulnerability that stems from a lack of validation of certain input parameters, which could allow a remote attacker to inject arbitrary SQL...
The vulnerability of the application software interface of the BIG-IP Next Central Manager allows unauthorized access to protected information, enabling attackers to obtain the administrator’s password hash.
The vulnerability of the application software interface of the BIG-IP Next Central Manager relates to the disclosure of protected information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the administrator’s password hash by executing a specially...
PT-2024-33324 · Unknown · Kashipara College Management System
Name of the Vulnerable Software and Affected Versions: Kashipara College Management System version 1.0 Description: A critical issue has been discovered, allowing for remote attacks. The problem arises from the manipulation of the id argument, leading to SQL injection in the view students each...
DEBIAN-CVE-2024-31460
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in automationtreerules.php is not thoroughly checked and is used to concatenate the SQL statement in createallheadernodes function from lib/apiautomation.php, finally resulti...
SAP Global Label Management SQL Injection Vulnerability
SAP Global Label Management is a global label management system from SAP. SAP Global Label Management suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker could use this vulnerability to execute illegal S...