
6593 matches found

CNNVD
added 2023/11/14 12:0 a.m. · 2 views

Siemens SIMATIC PCS Security Vulnerability

SIMATIC PCS neo is a distributed control system (DCS). Siemens SIMATIC PCS neo has a SQL injection vulnerability that can be exploited by an attacker to execute SQL statements in the underlying database...

8 CVSS · 8.2 AI score · 0.00101 EPSS
Exploits 0 · References 2
ATTACKERKB
added 2023/11/13 10:15 p.m. · 2 views

CVE-2023-46018

SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' parameter...

5.5 CVSS · 6 AI score · 0.00075 EPSS
Exploits 5 · References 2
CNNVD
added 2023/11/13 12:0 a.m. · 2 views

Code-Projects Blood Bank Security Breach

Code-Projects Blood Bank is a blood bank system from the Code-Projects project. A security vulnerability exists in Code-Projects Blood Bank version 1.0, which stems from an SQL injection vulnerability in the parameters hemail and hpassword of the file hospitalLogin.php...

5.5 CVSS · 7.9 AI score · 0.00132 EPSS
Exploits 5 · References 2
Positive Technologies
added 2023/11/12 12:0 a.m. · 3 views

PT-2023-6916 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA versions up to 11.9. Description: A critical issue was found in Tongda OA, affecting some unknown functionality of the file general/vehicle/checkup/delete.php. The manipulation of the VU ID argument leads to SQL injection...

9.8 CVSS · 7.2 AI score · 0.00057 EPSS
Exploits 1 · References 6
CNNVD
added 2023/11/10 12:0 a.m. · 4 views

Piccolo Security Breach

Piccolo is an open source, fast, user-friendly ORM and query builder. Piccolo versions before 1.1.1 have a security vulnerability that stems from susceptibility to SQL injection attacks; attackers can use the vulnerability to directly access the database...

9.1 CVSS · 7.9 AI score · 0.00228 EPSS
Exploits 1 · References 3
CNNVD
added 2023/11/09 12:0 a.m. · 2 views

Tongda OA 2017 Security Breach

Tongda2000 is a network intelligent office system from China Tongda. A security vulnerability exists in Tongda OA 2017 11.9 and earlier versions, which originates from a SQL injection vulnerability in the parameter TERMIDSTR in the file general/wiki/cp/manage/lock.php...

9.8 CVSS · 7.9 AI score · 0.00168 EPSS
Exploits 1 · References 4
RedHat Linux
added 2023/11/08 3:38 p.m. · 3 views

mariadb: assertion failures in decimal_bin_size

A flaw was found in the MariaDB Server. It contains a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements, impacting availability...

7.5 CVSS · 7.6 AI score · 0.00245 EPSS
Exploits 1 · References 4
RedHat Linux
added 2023/11/08 3:38 p.m. · 3 views

mariadb: crash when using HAVING with IS NULL predicate in an equality

A flaw was found in the MariaDB Server. It contains a segmentation fault via the component, sql/itemcmpfunc.h, impacting availability...

7.5 CVSS · 7.3 AI score · 0.00186 EPSS
Exploits 1 · References 4
ATTACKERKB
added 2023/11/07 3:15 p.m. · 2 views

CVE-2023-33478

RemoteClinic 2.0 has a SQL injection vulnerability in the ID parameter of /medicines/stocks.php...

9.8 CVSS · 5.8 AI score · 0.00352 EPSS
Exploits 1 · References 2
OSV
added 2023/11/06 8:15 a.m. · 2 views

CVE-2022-47430

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Weblizar The School Management – Education & Learning Management allows SQL Injection. This issue affects The School Management – Education & Learning Management: from n/a through 4.1...

9.8 CVSS · 5.8 AI score · 0.00155 EPSS
Exploits 0 · References 1
Positive Technologies
added 2023/11/06 12:0 a.m. · 3 views

PT-2023-29833 · Bplugins Llc · Icons Font Loader

Name of the Vulnerable Software and Affected Versions: bPlugins LLC Icons Font Loader versions 1.1.2 and earlier. Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

8.8 CVSS · 9.7 AI score · 0.00147 EPSS
Exploits 0 · References 3
CNNVD
added 2023/11/06 12:0 a.m. · 1 views

WordPress Plugin mstore-api SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...

9.8 CVSS · 7.7 AI score · 0.00147 EPSS
Exploits 0 · References 2
Positive Technologies
added 2023/11/06 12:0 a.m. · 9 views

PT-2023-27325 · Unknown · Rednao Donations Made Easy – Smart Donations

Name of the Vulnerable Software and Affected Versions: RedNao Donations Made Easy – Smart Donations versions 4.0.12 and earlier. Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL...

9.8 CVSS · 9.6 AI score · 0.00152 EPSS
Exploits 0 · References 3
CNNVD
added 2023/11/06 12:0 a.m. · 1 views

WordPress Plugin Contact Form Generator : Creative form builder for WordPress SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin Contact Form Generator :...

9.8 CVSS · 7.6 AI score · 0.00147 EPSS
Exploits 0 · References 2
OSV
added 2023/11/03 12:15 p.m. · 2 views

CVE-2023-41652

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection. This issue affects RSVPMaker: from n/a through 10.6.6...

9.8 CVSS · 7.3 AI score · 0.03136 EPSS
Exploits 1 · References 1
CNNVD
added 2023/11/03 12:0 a.m. · 2 views

WordPress Plugin Zero Spam for WordPress SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin Zero Spam for WordPre...

7.2 CVSS · 7.6 AI score · 0.00152 EPSS
Exploits 0 · References 2
CNNVD
added 2023/11/03 12:0 a.m. · 4 views

WordPress Plugin RSVPMaker SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin RSVPMaker...

9.8 CVSS · 7.7 AI score · 0.03136 EPSS
Exploits 1 · References 2
Positive Technologies
added 2023/11/03 12:0 a.m. · 3 views

PT-2023-20387 · Zendrop · Zendrop

Name of the Vulnerable Software and Affected Versions: Zendrop – Global Dropshipping versions n/a through 1.0.0. Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. The...

10 CVSS · 9.5 AI score · 0.00275 EPSS
Exploits 0 · References 5
OSV
added 2023/11/02 2:15 p.m. · 0 views

CVE-2023-45323

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'name' parameter of the routers/add-item.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8 CVSS · 5.8 AI score
Exploits 0 · References 2
CNNVD
added 2023/11/02 12:0 a.m. · 1 views

Simple Student Information System SQL Injection Vulnerability

Simple Student Information System is a web-based application platform by Carlo Montero, an individual developer. It can help a university or college to manage student information and academic records. A SQL injection vulnerability exists in Simple Student Information System version 1.0, which ste...

7.5 CVSS · 8.1 AI score · 0.00046 EPSS
Exploits 1 · References 4