6593 matches found

Positive Technologies
added 2023/12/25 12:0 a.m. · 7 views

PT-2023-32877 · Unknown · Code-Projects E-Commerce Website

Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Website version 1.0 Description: A critical issue affects some unknown functionality of the file user signup.php. The manipulation of the firstname, middlename, email, address, contact, or username arguments leads to...

CVSS 9.8 · AI score 7.8 · EPSS 0.00092
Exploits 1 · References 6

CNVD
added 2023/12/25 12:0 a.m. · 1 view

Voltronic Power ViewPower SQL Injection Vulnerability

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower Pro suffers from a SQL injection vulnerability that is caused by failing to properly validate a user-supplied string before constructing a SQL query using it. An attack...

CVSS 9.8 · AI score 9.8 · EPSS 0.07647
Exploits 0 · References 1

VulnCheck KEV
added 2023/12/23 12:0 a.m. · 1 view

VulnCheck KEV: CVE-2022-1950

The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection...

CVSS 9.8 · AI score 7.4 · EPSS 0.59651
Exploits 1 · References 1

OSV
added 2023/12/22 5:15 p.m. · 1 view

DEBIAN-CVE-2023-49085

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

CVSS 8.8 · AI score 9.2 · EPSS 0.91404
Exploits 4 · References 1

BDU FSTEC
added 2023/12/22 12:0 a.m. · 1 view

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory processes, related to the improper elimination of special elements used in SQL commands, allows a hacker to alter the database query logic by introducing arbitrary SQL operators.

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management functions is related to the improper elimination of special elements used in SQL queries. Exploiting this vulnerability allows a malicious actor to alter the query logic to the database, by...

CVSS 10 · AI score 8 · EPSS 0.23296
Exploits 0 · References 4 · Affected Software 1

OSV
added 2023/12/21 11:15 p.m. · 2 views

CVE-2023-49681

Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database...

CVSS 9.8 · AI score 5.8 · EPSS 0.0015
Exploits 1 · References 2

OSV
added 2023/12/21 5:15 p.m. · 0 views

CVE-2023-45121

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database...

CVSS 8.8 · AI score 5.8
Exploits 0 · References 2

OSV
added 2023/12/21 4:15 p.m. · 1 view

CVE-2023-45115

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database...

CVSS 8.8 · AI score 5.8
Exploits 0 · References 2

Positive Technologies
added 2023/12/21 12:0 a.m. · 3 views

PT-2023-31292 · Unknown · Job Portal

Name of the Vulnerable Software and Affected Versions: Job Portal version 1.0 Description: The issue concerns unauthenticated SQL Injection vulnerabilities. Specifically, the txtDesc parameter of the "Employer/InsertWalkin.php" resource does not validate the characters received, sending them...

AI score 8
Exploits 0 · References 4

CNNVD
added 2023/12/21 12:0 a.m. · 1 view

S-CMS Security Vulnerabilities

S-CMS is a PHP and MySQL based Content Management System (CMS) from S-CMS China. A security vulnerability exists in S-CMS v5.0: an SQL injection vulnerability via the Anewsauth parameter in /admin/ajax.php...

CVSS 9.8 · AI score 8 · EPSS 0.00282
Exploits 0 · References 2

CNNVD
added 2023/12/21 12:0 a.m. · 1 view

Tongda2000 SQL Injection Vulnerability

Tongda2000 is a network intelligent office system of China Tongda Tongda Company. Tongda2000 11.9 and previous versions contain a SQL injection vulnerability. The vulnerability stems from some unknown processing in General/wiki/cp/ct/view.php; through the parameter TEMPID it leads to SQL...

CVSS 9.8 · AI score 7.9 · EPSS 0.00055
Exploits 1 · References 4

CNNVD
added 2023/12/21 12:0 a.m. · 1 view

Tongda2000 SQL Injection Vulnerability

Tongda2000 is a network intelligent office system of China Tongda Tongda. Tongda2000 11.9 and previous versions contain a SQL injection vulnerability. The vulnerability stems from an unknown function in general/vehicle/checkup/deletesearch.php; through the parameter VUID it leads to SQL...

CVSS 9.8 · AI score 7.9 · EPSS 0.00055
Exploits 1 · References 4

CNNVD
added 2023/12/21 12:0 a.m. · 2 views

Kashipara Job Portal SQL Injection Vulnerability

Kashipara Job Portal is an online job portal system from Kashipara. A SQL injection vulnerability exists in Kashipara Job Portal v1.0, which stems from the "txtUser" parameter of login.php that does not validate received characters and sends them to the database unfiltered...

CVSS 9.8 · AI score 8 · EPSS 0.0015
Exploits 1 · References 4

CNNVD
added 2023/12/21 12:0 a.m. · 1 view

Projectworlds Student Result Management System SQL Injection Vulnerability

Projectworlds Student Result Management System is a student result management system from Projectworlds India. Projectworlds Student Result Management System v1.0 suffers from a SQL injection vulnerability, which stems from the fact that the "classname" parameter of addstudents.php does not...

CVSS 9.8 · AI score 7.9 · EPSS 0.00158
Exploits 1 · References 3

OSV
added 2023/12/20 6:15 p.m. · 2 views

CVE-2023-28491

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery LITE. This issue affects Slideshow Gallery LITE: from n/a through 1.7.6...

CVSS 7.2 · AI score 7.3 · EPSS 0.00148
Exploits 0 · References 1

Prion
added 2023/12/20 4:15 p.m. · 21 views

SQL injection

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo. This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0...

CVSS 7.5 · AI score 7.9 · EPSS 0.00146
Exploits 0 · References 1 · Affected Software 1

OSV
added 2023/12/20 2:15 p.m. · 2 views

CVE-2023-47236

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum iPages Flipbook For WordPress. This issue affects iPages Flipbook For WordPress: from n/a through 1.4.8...

CVSS 4.9 · AI score 5.8 · EPSS 0.0014
Exploits 0 · References 1

CNNVD
added 2023/12/20 12:0 a.m. · 2 views

WordPress Plugin SEO Change Monitor SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

CVSS 8.5 · AI score 7.7 · EPSS 0.00138
Exploits 0 · References 3

CNNVD
added 2023/12/20 12:0 a.m. · 2 views

WordPress Plugin iPages Flipbook For WordPress SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Plugin iPages Flipbook For WordPress is vulnerable to a SQL injection vulnerability. No information...

CVSS 7.6 · AI score 7.5 · EPSS 0.0014
Exploits 0 · References 3

CNNVD
added 2023/12/20 12:0 a.m. · 2 views

ABO.CMS Security Vulnerabilities

ABO.CMS is a content management platform. A security vulnerability exists in ABO.CMS. An attacker exploited the vulnerability to perform a SQL injection attack...

CVSS 9.8 · AI score 7.8 · EPSS 0.00804
Exploits 0 · References 2