6602 matches found
Artica Pandora FMS SQL Injection Vulnerability
Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. An SQL injection vulnerability exists in Artica Pandora FMS versions 700 through 776, which arises from an improper...
AMSS++ SQL Injection Vulnerability
AMSS++ is a tool for the office administration support system of Amssplus. An SQL injection vulnerability exists in AMSS++ version 4.31, which originates from an SQL injection vulnerability in the username parameter of the /amssplus/index.php page...
AMSS++ SQL Injection Vulnerability
AMSS++ is a tool for office management support systems from Amssplus. An SQL injection vulnerability exists in AMSS++ version 4.31, which stems from an SQL injection vulnerability in multiple parameters of the /amssplus/modules/book/main/bookdetailkhetperson.php page...
CVE-2024-2554
A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file update-employee.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched...
JFinalCMS SQL Injection Vulnerability
JFinalCMS is a content management system. JFinalCMS version 5.0.0 suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the file /admin/divdata/delete. An attacker can exploit this vulnerability to execute illegal SQL comman...
PandaX SQL Injection Vulnerability
PandaX is an open source low-code development framework for enterprise IoT platforms, written in Go. An SQL injection vulnerability exists in PandaX version 20240310 and earlier versions, which stems from the fact that incorrect manipulation of the parameter roleKey can lead to sql...
Employee Task Management System SQL Injection Vulnerability
Employee Task Management System is an employee task management system by individual developer Carlo Montero. An SQL injection vulnerability exists in Employee Task Management System version 1.0, which stems from an incorrect operation of the parameter adminid that can result in an sql injection...
Online-College-Event-Hall-Reservation-System Security Vulnerability
Online-College-Event-Hall-Reservation-System is an online college event hall reservation system by individual developer Magesh K, designed to automate the hall booking process to eliminate manual logging and increase efficiency. A security vulnerability exists in...
CVE-2024-2480
A vulnerability classified as critical was found in MHA Sistemas arMHAzena 9.6.0.0. This vulnerability affects unknown code of the component Executa Page. The manipulation of the argument Companhia/Planta/Agente de/Agente até leads to sql injection. The attack can be initiated remotely. The explo...
The vulnerability of the Fortinet FortiClient Enterprise Management Server (EMS) server lies in the lack of security measures for the SQL query structure, allowing attackers to execute arbitrary code or commands.
The vulnerability of the Fortinet FortiClient Enterprise Management Server (EMS) server relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or commands by sending specially crafted SQL queries...
PrestaShop SQL Injection Vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts, and product image scaling. A SQL injection vulnerability exists in PrestaShop stproductcomments v.1.0.5 and earlier versions, which...
SourceCodester Best POS Management System SQL Injection Vulnerability
SourceCodester Best POS Management System is a POS management system from SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester Best POS Management System version 1.0, which stems from a parameter id in the file /vieworder.php that can lead to SQL injection...
CVE-2024-26164
Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability...
CVE-2023-48788
An improper neutralization of special elements used in an SQL command ('SQL injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows an attacker to execute unauthorized code or commands via specially crafted packets...
Fortinet FortiClientEMS SQL Injection Vulnerability
Fortinet FortiClientEMS is part of Fortinet's Endpoint Management solution from Fortinet, a U.S.-based company, and is designed to help organizations effectively manage endpoint devices in their networks and provide monitoring and control of endpoint security. A SQL injection vulnerability exists...
Microsoft OLE DB Provider for SQL Server Security Vulnerability
Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...
Microsoft Django Backend for SQL Server Security Vulnerability
Microsoft Django Backend for SQL Server is a database backend for the Django web framework for connecting to and manipulating Microsoft SQL Server databases from Microsoft USA. A security vulnerability exists in Microsoft Django Backend for SQL Server. An attacker can exploit the vulnerability to...
CVE-2024-1068
The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...
The vulnerability of the QTS, QuTS Hero, QuTScloud, and myQNAPcloud operating systems lies in the lack of security measures for the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of the QTS, QuTS Hero, QuTScloud, and myQNAPcloud operating systems is related to the lack of security measures for handling SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2024-2283
A vulnerability classified as critical has been found in boyiddha Automated-Mess-Management-System 1.0. Affected is an unknown function of the file /member/view.php. The manipulation of the argument date leads to sql injection. It is possible to launch the attack remotely. The exploit has been...