PrestaShop Security Breach

PrestaShop is a set of open source e-commerce solutions from PrestaShop, USA. The solution offers multiple payment methods, short message alerts and product image zoom. A security vulnerability exists in PrestaShop CD Custom Fields 4 Orders version 1.0.0 and earlier versions. An attacker exploite...

CVE-2022-46498

Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the docnumber parameter at hisadminviewsingleemployee.php...

CVE-2023-49989

Hotel Booking Management v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at update.php...

Hotel Booking Management Security Breach

Hotel Booking Management is a database web application for hotel booking management by Pratham Personal Developer. A security vulnerability exists in Hotel Booking Management v1.0, which was discovered to contain an SQL injection vulnerability through the npss parameter in rooms.php...

Hospital Management System Security Vulnerability

The Hospital Management System HMS is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. A security vulnerability exists in Hospital Management System version 1.0 that stems from an SQL injection vulnerability contained...

AZL-35763 CVE-2024-27289 affecting package telegraf for versions less than 1.29.4-4

pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for ...

Lost and Found Information System SQL Injection Vulnerability

Lost and Found Information System is a lost and found information system by oretnom23 individual developers. A SQL injection vulnerability exists in the Sourcecodester Lost and Found Information System version 1.0, which originates from the system's susceptibility to unauthenticated SQL injection...

The vulnerability of the MSSQL Database Storage Backend component in the platform for archiving corporate information, HashiCorp Vault and Vault Enterprise, allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the MSSQL Database Storage Backend component in the HashiCorp Vault and Vault Enterprise archiving platforms relates to the lack of security measures for SQL query structures. Exploiting this vulnerability allows attackers to execute arbitrary SQL commands...

CVE-2023-49968

Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customersupport/managedepartment.php...

CVE-2023-49547

Customer Support System v1 was discovered to contain a SQL injection vulnerability via the username parameter at /customersupport/ajax.php?action=login...

Customer Support System 安全漏洞

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a SQL injection vulnerability that originates from...

Baizhuo Network Smart s200 Management Platform Security Vulnerability

Baizhuo Network Smart s200 Management Platform is a network management platform from Baizhuo, China. A security vulnerability exists in Baizhuo Network Smart s200 Management Platform v.S200, which originates from a SQL injection vulnerability in the /importexport.php component...

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

PT-2024-22114 · Arista · Arista Ng Firewall

Name of the Vulnerable Software and Affected Versions: Arista NG Firewall affected versions not specified Description: The issue concerns multiple SQL Injection vulnerabilities in the reporting application of the Arista Edge Threat Management - Arista NG Firewall. These vulnerabilities can be...

Online Mobile Management Store SQL Injection Vulnerability

Online Mobile Management Store is an online mobile store management system. A SQL injection vulnerability exists in Online Mobile Management Store version 1.0, which originates from a SQL injection vulnerability in the parameter id of the file /admin/orders/vieworder.php...

PT-2024-18702 · Sourcecodester · Sourcecodester Simple Online Bidding System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Online Bidding System version 1.0 Description: A critical issue has been found in the system, affecting an unknown part of the file index.php. The manipulation of the category id argument leads to SQL injection. It is...

Petrol Pump Management Software SQL Injection Vulnerability

Petrol Pump Management Software is a gasoline pump management software by mayurik individual developer. A SQL injection vulnerability exists in Petrol Pump Management Software version 1.0, which originates from a SQL injection issue in the /admin/app/logincrud.php file...

PT-2024-18685 · Sourcecodester · Sourcecodester Petrol Pump Management

Name of the Vulnerable Software and Affected Versions: SourceCodester Petrol Pump Management Software version 1.0 Description: A critical issue has been found in the software, affecting the file /admin/app/login crud.php. The manipulation of the email argument leads to SQL injection. It is possib...

Computer Inventory System SQL Injection Vulnerability

Computer Inventory System is a computer inventory system by rems individual developers. A SQL injection vulnerability exists in Computer Inventory System version 1.0, which stems from an SQL injection issue in the /endpoint/delete-computer.php file...

CVE-2023-7110

A vulnerability, which was classified as critical, has been found in code-projects Library Management System 2.0. This issue affects some unknown processing of the file login.php. The manipulation of the argument student leads to sql injection. The attack may be initiated remotely. The exploit ha...