CVE-2023-48987
Blind SQL Injection vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component...
Online Medicine Ordering System SQL Injection Vulnerability
Online Medicine Ordering System is an online medicine ordering system by Carlo Montero, an individual developer. A security vulnerability exists in Online Medicine Ordering System v1.0, which is caused by a SQL injection vulnerability in the component /omos/?p=products/viewproduct...
F5 BIG-IP SQL Injection Vulnerability
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing, and other features. F5 BIG-IP has a SQL injection vulnerability in an undisclosed pa...
Barangay Population Monitoring System SQL Injection Vulnerability
Barangay Population Monitoring System is a regional population monitoring system by the individual developer Remy Andrade. A security vulnerability exists in Barangay Population Monitoring System version 1.0, which originates from a SQL injection vulnerability in the file...
CVE-2024-21361
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...
Microsoft WDAC OLE DB provider for SQL Security Vulnerability
Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft WDAC OLE DB provider for SQL. The following products and versions are affected: Windows 10 Version 22H2...
Dell Unity SQL Injection Vulnerability
Dell Unity is a set of virtual Unity storage environments from Dell USA. A SQL injection vulnerability exists in Dell Unity prior to version 5.4, which stems from the inclusion of an operating system command injection vulnerability in its svccava utility. An attacker could exploit this...
PT-2024-4033 · Cu Solutions · Cu Solutions Group Content Management System
Name of the Vulnerable Software and Affected Versions: CU Solutions Group CUSG Content Management System CMS versions prior to 7.75 Description: The issue is related to a Blind SQL Injection vulnerability in the pages.php component, which can be exploited by a remote attacker to execute arbitrary...
Cinema Seat Reservation System SQL Injection Vulnerability
Cinema Seat Reservation System is an open source movie theater seat reservation system from Code-projects. Cinema Seat Reservation System version 1.0 has a SQL injection vulnerability, which stems from allowing SQL injection via the id parameter in Cinema-Reservation/booking.php...
PrestaShop SQL Injection Vulnerability
PrestaShop is a set of open source e-commerce solutions from PrestaShop, USA. The solution provides multiple payment methods, short message alerts and product image scaling. A SQL injection vulnerability exists in PrestaShop hsmultiaccessoriespro version 5.1.1 and earlier versions. A remote...
Hotel Managment System SQL Injection Vulnerability
Hotel Managment System is an open source hotel management system from Code-projects. Hotel Managment System version 1.0 suffers from a SQL injection vulnerability that originates from allowing SQL injection via the rid parameter in Hotel/admin/roombook.php...
PT-2024-19672 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this issue. The specific flaw exists within the...
PT-2024-19674 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this issue. The specific flaw exists within the...
A vulnerability in the pollers.php script of a network monitoring software product allows an attacker to execute arbitrary code.
The vulnerability in the pollers.php script of the network monitoring software stems from a lack of protection for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
PrestaShop SQL Injection Vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A SQL injection vulnerability exists in PrestaShop hiadvancedgiftwrapping versions prior to 1.4.1. An attack...
Novel-Plus Security Vulnerability
Novel-Plus is an online social reading and writing platform from Novel-Plus, Inc. A security vulnerability exists in Novel-Plus version v4.3.0-RC1 and earlier versions. An attacker can exploit the vulnerability to pass specially crafted offset, limit, and sort parameters to perform a SQL injectio...
TONGDA Office Anywhere SQL Injection Vulnerability
TONGDA Office Anywhere is a collaborative office OA system. A SQL injection vulnerability exists in TONGDA Office Anywhere 2017 version 11.9 and earlier versions, which stems from the fact that incorrect operation of the parameter ASKDUTYID can lead to SQL injection...
A vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system and the Cisco Evolved Programmable Network (EPN) Manager software allows an attacker to alter confidential information stored in the database.
The vulnerability in the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network (EPN) Manager software stems from a lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to alter...
ManageEngine SQL Injection Vulnerability
ManageEngine is a family of IT management solutions from ManageEngine, Inc. A security vulnerability exists in ManageEngine ADAudit Plus 7270 and prior versions that stems from vulnerability to authenticated SQL injection attacks...
School Task Manager Security Vulnerability
School Task Manager is a school task manager by the individual developer rems. A security vulnerability exists in School Task Manager version 1.0, which is caused by a SQL injection vulnerability in the task parameter...