CVE-2023-42660
In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer machine interface that could allow an authenticated attacker to gain unauthorized access to the MOVEit...
HotelDruid SQL Injection Vulnerability
Hoteldruid is a free and open source hotel management program from Hoteldruid. A security vulnerability exists in HotelDruid version v3.0.5, which stems from a SQL injection vulnerability in the parameter nutenteagg...
PT-2023-27946 · Unknown · Novel-Plus
Name of the Vulnerable Software and Affected Versions: Novel-Plus version 4.1.0 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in the "/sys/menu/list" API endpoint. This enables the attacker to inject malicious SQL code,...
CVE-2023-5014
A vulnerability was found in Sakshi2610 Food Ordering Website 1.0 and classified as critical. This issue affects some unknown processing of the file categoryfood.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed t...
TONGDA Office Anywhere SQL Injection Vulnerability
TONGDA Office Anywhere is a collaborative office OA system. A SQL injection vulnerability exists in TONGDA Office Anywhere 11.10 and earlier versions, which stems from a SQL injection vulnerability in the parameter PLANID...
OpenRapid RapidCMS SQL Injection Vulnerability
OpenRapid RapidCMS is a fast and easy-to-use open source CMS from OpenRapid. A SQL injection vulnerability exists in OpenRapid RapidCMS version 1.3.1, which stems from a SQL injection vulnerability in the file /admin/article/article-add.php...
Simple Membership System SQL Injection Vulnerability
Simple Membership System is a simple membership system by Razormist Personal Developer. A SQL injection vulnerability exists in Simple Membership System version 1.0, which stems from a SQL injection vulnerability in the club parameter in the file clubvalidator.php...
CVE-2023-4673
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sanalogy Turasistan allows SQL Injection. This issue affects Turasistan: before 20230911...
PT-2023-30790
Name of the Vulnerable Software and Affected Versions: Besttem Network Marketing Software versions prior to 1.0.2309.6 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
OpenRefine SQL Injection Vulnerability
OpenRefine is a Java-based open source tool. The product is mainly used for loading data, analyzing data and cleaning data. OpenRefine suffers from a SQL injection vulnerability. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...
CF Software Oil Management Software SQL Injection Vulnerability
CF Software Oil Management Software is an oil management software from CF Software. A SQL injection vulnerability exists in versions of CF Software Oil Management Software prior to 20230912, which stems from improper neutralization of special elements...
CVE-2023-4766
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Movus allows SQL Injection. This issue affects Movus: before 20230913...
CVE-2023-4832
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aceka Company Management allows SQL Injection. This issue affects Company Management: before 3072...
PT-2023-30173
Name of the Vulnerable Software and Affected Versions: Sanalogy Turasistan versions prior to 20230911 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. There is no...
Vtiger CRM SQL Injection Vulnerability
Vtiger CRM is a customer relationship management (CRM) system based on SugarCRM, developed by the American company Vtiger. The management system provides functions such as managing, collecting, and analyzing customer information. A security vulnerability exists in Vtiger CRM version v.7.5.0, which...
Movus SQL Injection Vulnerability
Movus is a rental car service by Movus, Inc. A SQL injection vulnerability exists in Movus versions prior to 20230913, which stems from the presence of a SQL injection vulnerability...
Super Store Finder SQL Injection Vulnerability
Super Store Finder is an easy-to-use Google Maps API store finder program by Super Store Finder. A security vulnerability exists in Super Store Finder version v.3.6, which stems from a vulnerability that allows a remote attacker to execute arbitrary code via a carefully crafted...
The vulnerability of the ajax_hosts() and ajax_hosts_noany() functions (graphs.php) of the Cacti network monitoring tool allows a hacker to execute arbitrary SQL queries.
The vulnerability of the ajax_hosts() and ajax_hosts_noany() functions (graphs.php) of the Cacti network monitoring tool is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries using a specially...
BlackBerry AtHoc SQL Injection Vulnerability
BlackBerry AtHoc is a crisis communications solution for federal, state and local governments, public safety and law enforcement agencies, and schools from BlackBerry Canada. A security vulnerability exists in BlackBerry AtHoc version 7.15, which stems from a SQL injection vulnerability in the...
The vulnerability of the Google Maps API Super Store Finder software stems from a lack of protection for the SQL query structure, allowing attackers to gain access to the administration panel.
The vulnerability of the Google Maps API Super Store Finder integration tool is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to the administration panel...