6592 matches found
Lost and Found Information System SQL injection vulnerability
Lost and Found Information System is a lost and found information system by the individual developer oretnom23. A SQL injection vulnerability exists in SourceCodester Lost and Found Information System version 1.0, which stems from a SQL injection vulnerability in the parameter id...
DedeBIZ SQL injection vulnerability
DedeBIZ is a content management system from China Muyun Intelligent Technology DedeBIZ company. A SQL injection vulnerability exists in DedeBIZ version 6.2.10, which stems from a SQL injection vulnerability in the parameter sqlquery...
Hospital Management System SQL injection vulnerability
Hospital Management System HMS is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. A SQL injection vulnerability exists in Hospital Management System version 1.0, which stems from the presence of an unknown function i...
PT-2023-26188 · Unknown · Weaver E-Cology
Name of the Vulnerable Software and Affected Versions: Weaver e-cology versions prior to 10.58.0 Description: A critical issue affects the HTTP POST Request Handler component of Weaver e-cology, specifically the file filelFileDownloadForOutDoc.class. The manipulation of the fileid argument with t...
CVE-2023-3763
A vulnerability was found in Intergard SGS 8.7.0. It has been declared as problematic. This vulnerability affects unknown code of the component SQL Query Handler. The manipulation leads to cleartext transmission of sensitive information. The attack can be initiated remotely. The complexity of an...
Esri ArcGIS Insights Desktop SQL injection vulnerability
Esri ArcGIS Insights Desktop is a data analysis workbench from Environmental Systems Research Institute Esri, Inc. A SQL injection vulnerability exists in Esri ArcGIS Insights Desktop version 2022.1 Windows, Mac that originates from a vulnerability that allows a locally-authorized attacker to...
PT-2023-20345 · Esri · Esri Arcgis Insights Desktop
Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Insights Desktop for Mac and Windows version 2022.1 Description: The issue allows a local, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input...
Esri ArcGIS Insights Desktop SQL injection vulnerability
Esri ArcGIS Insights Desktop is a data analysis workbench from Environmental Systems Research Institute Esri, Inc. A SQL injection vulnerability exists in Esri ArcGIS Insights Desktop version 2022.1 ArcGIS Enterprise that originates from a vulnerability that could allow a remotely-authorized...
Locke-Bot SQL injection vulnerability
Locke-Bot is a custom Discord bot developed for LOCKE by the individual developer HKing2802. A security vulnerability exists in Locke-Bot version 2.0.2, which stems from an SQL injection vulnerability that allows remote attackers to run arbitrary SQL commands via a crafted string...
The vulnerability of the monitoring system for critical equipment, StruxureWare Data Center Expert, arises from the lack of measures taken to protect the SQL query structure. This allows attackers to modify or delete any content they desire.
The vulnerability of the StruxureWare Data Center Expert monitoring system relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to modify or delete any content at will...
PT-2023-24477
Name of the Vulnerable Software and Affected Versions: Zekiweb versions prior to 2 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: For versions prior...
PT-2023-4170 · Taphome · Taphome
Name of the Vulnerable Software and Affected Versions: TapHome versions prior to 2023.2 Description: The issue is related to weaknesses in the authentication procedure of the TapHome system, allowing a remote attacker to bypass authentication and gain full access to the device. A hidden API in...
Bylancer QuickJob SQL injection vulnerability
Bylancer QuickJob is an advanced Job Board PHP script from Bylancer. A SQL injection vulnerability exists in Bylancer QuickJob version 6.1, which stems from the presence of an unknown function in the component GET Parameter Handler, which leads to SQL injection via the parameters keywords/gender...
CVE-2023-1547
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Elra Parkmatik allows SQL Injection through SOAP Parameter Tampering, Command Line Execution through SQL Injection. This issue affects Parkmatik: before 02.01-a51...
Lisa Software Florist Site SQL injection vulnerability
Lisa Software Florist Site is a florist site from Lisa Software. A SQL injection vulnerability exists in versions prior to Lisa Software Florist Site 3.0, which stems from susceptibility to SQL injection attacks...
CVE-2023-37628
Online Piggery Management System 1.0 is vulnerable to SQL Injection...
PT-2023-25574 · Sourcecodester · Sourcecodester Service Provider Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Service Provider Management System version 1.0 Description: A critical issue has been found in the system, affecting the /classes/Master.php file, specifically when f=save inquiry. The manipulation of the id argument leads to S...
WordPress Plugin WP EasyCart SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin WP EasyCar...
Best POS Management System SQL injection vulnerability
Best POS Management System is a POS management system by the individual developer Mayuri K. A SQL injection vulnerability exists in Best POS Management System version 1.0, which stems from the parameter username in the file adminclass.php that can lead to SQL injection...
Nesote Inout Blockchain FiatExchanger SQL injection vulnerability
Nesote Inout Blockchain FiatExchanger is a secure online cryptocurrency exchange service from Nesote. A SQL injection vulnerability exists in Nesote Inout Blockchain FiatExchanger version 3.0, which stems from an unknown section in the file /index.php/coins/updatemarketboxslider of the component...