6592 matches found
Microsoft OLE Automation Remote code security vulnerability
Microsoft OLE Automation Remote code is a software application from Microsoft Corporation USA. An automation software. A security vulnerability exists in Microsoft OLE Automation Remote code, which stems from allowing remote code execution and affects the following products and versions: Microsoft...
PT-2023-5214 · Schweitzer Engineering Laboratories · Sel-5030 Acselerator Quickset
Name of the Vulnerable Software and Affected Versions: Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software versions through 7.1.3.0 Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as SQL Injection. This...
PrestaShop SQL injection vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A SQL injection vulnerability exists in PrestaShop versions prior to 2.4.3, which stems from improper...
bloofoxCMS SQL injection vulnerability
bloofoxCMS is a PHP-based text content management system from bloofox, an individual developer. A security vulnerability exists in bloofoxCMS version v0.5.2.1, which stems from a tid parameter found to contain an SQL injection vulnerability via...
CVE-2023-35064
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Satos Satos Mobile allows SQL Injection through SOAP Parameter Tampering. This issue affects Satos Mobile: before 20230607...
CVE-2023-3047
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TMT Lockcell allows SQL Injection. This issue affects Lockcell: before 15...
CVE-2021-4340
The uListing plugin for WordPress is vulnerable to generic SQL Injection via the ‘listingid’ parameter in versions up to, and including, 1.6.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
PT-2023-23362 · Unknown · Sourcecodester Online Discussion Forum Site
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Discussion Forum Site version 1.0 Description: A critical issue has been discovered, allowing for SQL injection through the manipulation of the id argument in an unknown function of the file adminusermanage user.php. Thi...
WordPress plugin YARPP SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerability exist...
Service Provider Management System SQL injection vulnerability
Service Provider Management System is a web-based application developed by Carlo Montero, an individual developer. It is designed to provide dynamic websites for service provider companies. A SQL injection vulnerability exists in SourceCodester Service Provider Management System version 1.0, whic...
The vulnerability of the Permalink Manager Lite plugin for the WordPress content management system lies in its lack of protection against SQL query structures, allowing attackers to execute arbitrary SQL code.
The vulnerability of the Permalink Manager Lite plugin for the WordPress content management system is related to the lack of protection for the SQL query structure when processing the orderby parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
Enrollment System Project SQL injection vulnerability
Enrollment System Project is an enrollment system project by Carlo Montero, an individual developer. A security vulnerability exists in version 1.0 of Enrollment System Project that stems from the presence of a SQL injection vulnerability...
WordPress plugin Watu Quiz SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
CVE-2023-33762
eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a SQL injection vulnerability via the Activity parameter...
CVE-2023-3000
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Erikoglu Technology ErMon allows Command Line Execution through SQL Injection, Authentication Bypass. This issue affects ErMon: before 230602...
Erikoglu Technology ErMon SQL injection vulnerability
Erikoglu Technology ErMon is an application from Erikoglu Technology. A SQL injection vulnerability exists in Erikoglu Technology ErMon versions prior to 230602, which stems from an irregularity in a special element and allows SQL injection...
PT-2023-22511
Name of the Vulnerable Software and Affected Versions: Erikoglu Technology ErMon versions prior to 230602 Description: The issue is related to an SQL Injection vulnerability, allowing for Command Line Execution and Authentication Bypass. This is due to the improper neutralization of special element...
simpleRedak SQL injection vulnerability
simpleRedak is a networking solution from the German company simpleRedak. A security vulnerability exists in simpleRedak version 2.47.23.05 and earlier, which stems from the presence of a SQL injection vulnerability...
CVE-2023-29154
SQL injection vulnerability exists in the CONPROSYS HMI System CHS versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQL command via specially crafted input to the query setting page...
PT-2023-12143 · Unknown · Fighting Cock Information System
Name of the Vulnerable Software and Affected Versions: Fighting Cock Information System version 1.0 Description: A SQL Injection issue allows a remote attacker to obtain sensitive information via the 'edit breed.php' parameter. Recommendations: For Fighting Cock Information System version 1.0,...