Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform Operating System Command Injection Vulnerability
Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform is a Multi-Service Secure Gateway Intelligent Management Platform from Beijing Baichuo, China. The Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform suffers from an...
Exploit for SQL Injection in Simple_Online_Piggery_Management_System_Project Simple_Online_Piggery_Management_System
Online Piggery Farm Management Syst...
Internet Reservation Module Booking Engine Code Issue Vulnerability
Internet Reservation Module Booking Engine is a booking platform. A code issue vulnerability exists in Internet Reservation Module Booking Engine. An attacker could use this vulnerability to upload arbitrary content, such as a web shell component, to a SQL database and execute it with system...
CVE-2023-39654
abupy up to v0.4.0 was discovered to contain a SQL injection vulnerability via the component abupy.MarketBu.ABuSymbol.searchtosymboldict...
CVE-2023-4531
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mestav Software E-commerce Software allows SQL Injection. This issue affects E-commerce Software: before 20230901...
CVE-2023-35068
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BMA Personnel Tracking System allows SQL Injection. This issue affects Personnel Tracking System: before 20230904...
PT-2023-25129 · Unknown · Coyav Travel Proagent
Name of the Vulnerable Software and Affected Versions: Coyav Travel Proagent versions before 20230904 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
Mestav Software E-commerce Software SQL Injection Vulnerability
Mestav Software E-commerce Software is an e-commerce software from Mestav Software, Turkey. An SQL injection vulnerability exists in Mestav Software E-commerce Software versions prior to 20230901, which stems from susceptibility to SQL injection attacks...
Cacti SQL Injection Vulnerability
Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. Cacti suffers from an SQL injection vulnerability that stems from regular...
The vulnerability of the Quick Post Duplicator plugin of the WordPress content management system allows a hacker to gain unauthorized access to protected information and execute arbitrary SQL code.
The vulnerability of the Quick Post Duplicator plugin of the WordPress content management system is related to the lack of protection for the SQL query structure when processing the postid parameter. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...
PT-2023-25121
Name of the Vulnerable Software and Affected Versions: Osoft Paint Production Management versions prior to 2.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
The vulnerability of the MXSecurity software platform for managing security in industrial networks lies in its failure to protect the SQL query structure. This allows attackers to execute arbitrary commands and gain unauthorized access to protected information.
The vulnerability of the MXSecurity software platform for managing security in industrial networks stems from the lack of protective measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and gain unauthorized access to protected...
MOXA MXsecurity SQL Injection Vulnerability
MOXA MXsecurity is a management platform from China-based MOXA. It provides centralized visibility and security management to easily monitor and identify network threats and prevent security misconfigurations to create a robust threat defense. A security vulnerability exists in MXsecurity v1.0.1...
CVE-2023-40771
SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function...
Chamilo LMS SQL Injection Vulnerability
Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS versions v.1.11 through...
CVE-2023-41640
An improper error handling vulnerability in the component ErroreNonGestito.aspx of GruppoSCAI RealGimm 1.1.37p38 allows attackers to obtain sensitive technical information via a crafted SQL query...
Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet SQL Injection Vulnerability
Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software is a Schweitzer Engineering Laboratories, Inc. tool for configuring, commissioning and managing power system protection, control, metering and monitoring equipment. A security...
PT-2023-6882 · Nagios Xi · Nagios Xi
Name of the Vulnerable Software and Affected Versions: NagiosXI affected versions not specified Description: The issue is related to the utils-banner message component of NagiosXI, which fails to properly protect the SQL query structure. This allows a remote attacker to execute arbitrary SQL...
TripSpark VEO SQL Injection Vulnerability
TripSpark VEO is a software solution from TripSpark, Inc. designed for the traffic and transportation sector to manage and optimize the operations of vehicles, equipment, and personnel. A security vulnerability exists in the TripSpark VEO Transportation NovusEDU-2.2.x-XPBB-20201123-184084 version...
PT-2023-4750
Name of the Vulnerable Software and Affected Versions: Red Hat Ansible affected versions not specified Description: The issue is related to the lack of protection of the SQL query structure in Red Hat Ansible's configuration management system. Exploitation of this issue could allow a remote attacke...