6592 matches found
WordPress Plugin Transbank Webpay REST SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin Transbank...
SourceCodester Employee and Visitor Gate Pass Logging System SQL Injection Vulnerability
Employee and Visitor Gate Pass Logging System is an employee and visitor pass logging system by Carlo Montero, an individual developer. SourceCodester Employee and Visitor Gate Pass Logging System version 1.0 suffers from a SQL injection vulnerability that stems from a problem in the file...
Sourcecodester Vehicle Service Management System SQL Injection Vulnerability
Sourcecodester Vehicle Service Management System is an open source PHP project. It is a simple web application for automotive repair/service stores or businesses. SourceCodester Vehicle Service Management System version 1.0 suffers from a SQL injection vulnerability, which originates from the...
Campcodes Online Traffic Offense Management System SQL Injection Vulnerability
Campcodes Online Traffic Offense Management System is a web-based traffic offense management system. A SQL injection vulnerability exists in Campcodes Online Traffic Offense Management System v1.0. The vulnerability stems from the lack of validation of external input SQL statements in the paramet...
Online Voting System SQL Injection Vulnerability
Campcodes Advanced Online Voting System is an online voting system. The Campcodes Advanced Online Voting System v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter description of the file /admin/positionsadd.ph...
PT-2023-17447 · Unknown · Campcodes Advanced Online Voting System
Name of the Vulnerable Software and Affected Versions: Campcodes Advanced Online Voting System version 1.0 Description: A critical vulnerability has been found in the system, affecting an unknown function of the file /admin/positions row.php. The manipulation of the id argument leads to SQL...
PT-2023-17292
Name of the Vulnerable Software and Affected Versions: Eskom Water Metering Software versions prior to 23.04.06 Description: The issue is related to an SQL Injection vulnerability, which allows for Command Line Execution through SQL Injection. This is due to the improper neutralization of special...
Control iD iDSecure SQL Injection Vulnerability
Control iD iDSecure is an ID security program from Control iD. An SQL injection vulnerability exists in Control iD iDSecure version 23.3.19.0, which stems from a problem with the file /v2/customerdb/operator.svc/a, where manipulation of email can result in SQL injection...
Campcodes Advanced Online Voting System SQL Injection Vulnerability
Campcodes Advanced Online Voting System is an online voting system. A SQL injection vulnerability exists in Campcodes Advanced Online Voting System v1.0. The vulnerability stems from the lack of validation of external input SQL statements in the parameter id of the file /admin/positionsdelete.php...
Campcodes Advanced Online Voting System SQL Injection Vulnerability
Campcodes Advanced Online Voting System is an online voting system. Campcodes Advanced Online Voting System v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter id of the file /admin/votersrow.php, which can be...
AM System AM Presencia SQL Injection Vulnerability
AM System AM Presencia is an application of the Spanish company AM System. It is used to control the presence and accelerate the realization of employees in the control terminal. A security vulnerability exists in AM System AM Presencia version v3.7.3, which stems from the discovery of the...
The vulnerability of the software for managing and publishing geodata on the OSGeo GeoServer server lies in the lack of measures to neutralize special elements used in SQL queries, allowing a perpetrator to execute arbitrary SQL code.
The vulnerability of the software for managing and publishing geodata on the OSGeo GeoServer server is related to the lack of measures taken to neutralize special elements used in SQL queries. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code by sending a...
PT-2023-9513 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue in the sqlo preds contradiction component of openlink virtuoso-opensource is related to the improper neutralization of special elements used in SQL commands. This can be...
PT-2023-2437 · Microsoft · Windows +1
Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server affected versions not specified Description: The issue exists due to insufficient input validation in the OLE DB driver for SQL Server in the Windows operating system. This allows a remote attacke...
PT-2023-6370 · Unknown · Supportcandy
Name of the Vulnerable Software and Affected Versions: SupportCandy versions prior to 3.1.5 Description: The issue is related to the lack of validation and escaping of user input in SQL statements, which could allow unauthenticated attackers to perform SQL injection attacks. This could enable...
PT-2023-17375 · Sourcecodester · Sourcecodester Best Online News Portal
Name of the Vulnerable Software and Affected Versions: SourceCodester Best Online News Portal version 1.0 Description: A critical issue was found in the file /admin/forgot-password.php, specifically in the POST Parameter Handler component. The manipulation of the username argument leads to SQL...
Online Computer and Laptop Store SQL Injection Vulnerability
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. Online Computer and Laptop Store v1.0 is vulnerable to a SQL injection vulnerability that originates in the file /classes/Master.php?f=savesubcategory with the parameter subcategory...
PT-2023-17356 · Sourcecodester · Sourcecodester Simple/Beautiful Shopping Cart System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple and Beautiful Shopping Cart System version 1.0 Description: A critical issue was found in the delete user query.php file, where the manipulation of the user id argument leads to SQL injection. The attack can be initiated...
BP Monitoring Management System SQL Injection Vulnerability
BP Monitoring Management System is a web-based application by the individual developer of phpgurukul. A SQL injection vulnerability exists in PHPGurukul BP Monitoring Management System version 1.0. The vulnerability stems from a SQL injection vulnerability in the name/mobno parameter...
Tailor Management System SQL Injection Vulnerability
Tailor Management System is a tailor store management system by Warren Daloyan, an individual developer. A security vulnerability exists in Tailor Management System version v.1, which originates from a SQL injection vulnerability that can be exploited by an authenticated, remote attacker to execu...