CVE-2023-5268
A vulnerability was found in DedeBIZ 6.2 and classified as critical. This issue affects some unknown processing of the file /src/admin/makehtmltaglistaction.php. The manipulation of the argument mktime leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to...
SourceCodester Best Courier Management System SQL Injection Vulnerability
Best Courier Management System is a courier management system by individual developer Mayuri K. SourceCodester Best Courier Management System version 1.0 suffers from a SQL injection vulnerability that stems from the email parameter in the file editparcel.php, which can lead to SQL injection...
Hospital Management System SQL Injection Vulnerability
Hospital Management System (HMS) is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. Hospital Management System has a SQL injection vulnerability that stems from the discovery of a contained SQL injection vulnerability...
TONGDA Office Anywhere SQL Injection Vulnerability
TONGDA Office Anywhere is a collaborative office OA system. TONGDA Office Anywhere 2017 suffers from a SQL injection vulnerability that stems from the fact that manipulation of the parameter RECRUITMENTID can lead to SQL injection...
PT-2023-32003 · Unknown · Sourcecodester Engineers Online Portal
Name of the Vulnerable Software and Affected Versions: SourceCodester Engineers Online Portal version 1.0. Description: A critical vulnerability was found in the SourceCodester Engineers Online Portal, affecting unknown code in the file seed message student.php. The manipulation of the teacher id...
DedeBIZ SQL Injection Vulnerability
DedeBIZ is a content management system from China Muyun Intelligent Technology DedeBIZ company. A SQL injection vulnerability exists in DedeBIZ version 6.2, which stems from the fact that incorrect manipulation of the mktime parameter can lead to SQL injection...
Tongda OA SQL Injection Vulnerability
Tongda2000 is a web-based intelligent office system from China Tongda Tongda. Tongda OA 2017 suffers from a SQL injection vulnerability that stems from the fact that manipulation of the parameter EXPERTID can lead to SQL injection...
CVE-2023-30415
Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /inquiries/viewinquiry.php...
ZOHO ManageEngine Asset Management System SQL Injection Vulnerability
ZOHO ManageEngine Asset Management System is an asset management solution from ZOHO. ZOHO ManageEngine Asset Management System v1.0 is vulnerable to an authenticated SQL injection that could allow an authenticated attacker to...
Projectworlds Hospital Management System SQL Injection Vulnerability
Projectworlds Hospital Management System is a hospital management system from the Austrian company Projectworlds. Projectworlds Hospital Management System version 378c157 suffers from a SQL injection vulnerability that originates from allowing bypassing authentication and is vulnerable to SQL...
CVE-2023-43192
SQL injection can exist in a newly created part of the SpringbootCMS 1.0 background, and the parameters submitted by users are not filtered. As a result, special characters in parameters destroy the original logic of SQL statements. Attackers can use this vulnerability to execute any SQL statemen...
CLSA-2023-1695834945 openldap: Fix of 2 CVEs
- CVE-2022-29155: fix a SQL injection vulnerability in the back-sql backend to slapd
- CVE-2021-27212: fix denial of service daemon exit via a short timestamp if slapd is used...
CVE-2023-4737
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hedef Tracking Admin Panel allows SQL Injection. This issue affects Admin Panel: before 1.2...
PT-2023-30432
Name of the Vulnerable Software and Affected Versions: Hedef Tracking Admin Panel versions prior to 1.2. Description: The issue is related to an SQL Injection vulnerability due to the improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
PT-2023-28816 · Unknown · Tianchoy/Blog
Name of the Vulnerable Software and Affected Versions: Tianchoy Blog version 1.8.8. Description: A SQL Injection issue allows a remote attacker to obtain sensitive information via the id parameter in the "login.php" API endpoint. Recommendations: For Tianchoy Blog version 1.8.8, avoid using the id...
PT-2023-27044 · Unknown · Uplight Cookiebanner
Name of the Vulnerable Software and Affected Versions: UpLight cookiebanner versions prior to 1.5.1. Description: The issue is related to a SQL injection vulnerability via the component Hook::getHookModuleExecList. This vulnerability was discovered in UpLight cookiebanner. Recommendations: For...
CVE-2023-43469
SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to execute arbitrary code via the ForPass.php component...
Online Job Portal SQL Injection Vulnerability
Online Job Portal is an online job portal by janobe, an individual developer. A security vulnerability exists in Online Job Portal version v.2020 that could allow a remote attacker to execute arbitrary code via the ForPass.php component...
FUXA SQL Injection Vulnerability
FUXA is an open source web-based process visualization SCADA/HMI/Dashboard software. A security vulnerability exists in FUXA version 1.1.12 and earlier, which stems from vulnerability to SQL injection attacks via /api/signin...
PHP Shopping Cart SQL Injection Vulnerability
PHP Shopping Cart is an open source shopping cart system from Phpjabbers. PHP Shopping Cart version 4.2 has a security vulnerability that stems from SQL injection via the id parameter...