6592 matches found

CNNVD
added 2023/03/27 12:00 a.m. · 3 views

Cerebrate SQL injection vulnerability

Cerebrate is an open source platform designed to act as an interconnect coordinator for trusted contact information providers and other security tools. A security vulnerability exists in Cerebrate version 1.13 that stems from the presence of SQL blind comments in the searchAll API endpoint...

CVSS 9.8 · AI score 8.5 · EPSS 0.0025
Exploits: 0 · References: 3
OSV
added 2023/03/23 10:15 a.m. · 2 views

CVE-2023-1592

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file admin/courses/viewclass.php of the component GET Parameter Handler. The manipulation of the argument id leads to SQL injection. The...

CVSS 9.8 · AI score 6.6
Exploits: 0 · References: 2
CNNVD
added 2023/03/23 12:00 a.m. · 2 views

novel-plus SQL injection vulnerability

novel-plus is a multi-end PC, WAP reading, functional original literature CMS system. A security vulnerability exists in novel-plus version 3.6.2, which stems from a problem in the file /common/sysFile/list, where the operation of the parameter sort can lead to SQL injection...

CVSS 8.8 · AI score 5.7 · EPSS 0.00418
Exploits: 1 · References: 4
Positive Technologies
added 2023/03/21 12:00 a.m. · 2 views

PT-2023-21385 · IBM · IBM Aspera Faspex

Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex version 4.4.2
Description: The issue allows a remote attacker to obtain sensitive credential information for an external user using a specially crafted SQL query.
Recommendations: For IBM Aspera Faspex version 4.4.2, update ...

CVSS 7.5 · AI score 6.8 · EPSS 0.00327
Exploits: 0 · References: 6
OSV
added 2023/03/17 9:15 a.m. · 2 views

CVE-2023-1152

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Utarit Information Technologies Persolus allows SQL Injection. This issue affects Persolus: before 2.03.93...

CVSS 9.8 · AI score 7.3 · EPSS 0.0025
Exploits: 0 · References: 1
CNNVD
added 2023/03/17 12:00 a.m. · 1 views

Online Pizza Ordering System SQL injection vulnerability

Online Pizza Ordering System is an online pizza ordering system by Carlo Montero, an individual developer. A SQL injection vulnerability exists in Online Pizza Ordering System version 1.0, which originates from a security issue in the component login page admin/ajax.php?action=login2, which leads...

CVSS 8.1 · AI score 6.6 · EPSS 0.00278
Exploits: 0 · References: 3
CNNVD
added 2023/03/17 12:00 a.m. · 1 views

SourceCodester Automatic Question Paper Generator System SQL injection vulnerability

Automatic Question Paper Generator System is an automatic question paper generator system by Carlo Montero, an individual developer. A SQL injection vulnerability exists in SourceCodester Automatic Question Paper Generator System version 1.0, which originates from a SQL injection vulnerability found in...

CVSS 9.8 · AI score 7 · EPSS 0.00306
Exploits: 1 · References: 4
CNNVD
added 2023/03/17 12:00 a.m. · 3 views

Utarit Information Technologies Persolus SQL injection vulnerability

Utarit Information Technologies Persolus is an application from Utarit Information Technologies. A security vulnerability exists in Utarit Information Technologies Persolus versions prior to 2.03.93 that stems from the presence of a SQL injection vulnerability...

CVSS 9.8 · AI score 8.5 · EPSS 0.0025
Exploits: 0 · References: 2
CNNVD
added 2023/03/15 12:00 a.m. · 2 views

Simple Art Gallery SQL injection vulnerability

Simple Art Gallery is an art gallery application from Simple Art Gallery, Inc. A SQL injection vulnerability exists in Simple Art Gallery version 1.0, which stems from a problem in the file adminHome.php, where manipulation of the parameter socialfacebook can lead to SQL injection...

CVSS 9.8 · AI score 7 · EPSS 0.00885
Exploits: 1 · References: 4
CNNVD
added 2023/03/15 12:00 a.m. · 2 views

Art Gallery Management System SQL injection vulnerability

Art Gallery Management System is an art gallery management system by Anuj Kumar, an individual developer. A security vulnerability exists in Art Gallery Management System v1.0, which stems from a SQL injection vulnerability via the viewid parameter...

CVSS 9.8 · AI score 8.6 · EPSS 0.01793
Exploits: 1 · References: 5
CNNVD
added 2023/03/11 12:00 a.m. · 3 views

Computer Parts Sales and Inventory System SQL injection vulnerability

Computer Parts Sales and Inventory System is a computer parts sales and inventory system by Warren Daloyan, an individual developer. SourceCodester Computer Parts Sales and Inventory System version 1.0 suffers from a SQL injection vulnerability that originates from a security issue in the file...

CVSS 9.8 · AI score 7.2 · EPSS 0.00306
Exploits: 1 · References: 4
CNNVD
added 2023/03/10 12:00 a.m. · 2 views

Online Graduate Tracer System SQL injection vulnerability

Online Graduate Tracer System is an online graduate tracer system by the individual developer Carlo Montero. A SQL injection vulnerability exists in SourceCodester Online Graduate Tracer System version 1.0, which stems from an incorrect manipulation of the parameter user resulting in sql injectio...

CVSS 9.8 · AI score 7.1 · EPSS 0.00291
Exploits: 1 · References: 4
OSV
added 2023/03/09 8:15 a.m. · 1 views

CVE-2023-1251

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Akinsoft Wolvox. This issue affects Wolvox: before 8.02.03...

CVSS 9.8 · AI score 5.8
Exploits: 0 · References: 1
CNNVD
added 2023/03/09 12:00 a.m. · 1 views

Best POS Management System SQL injection vulnerability

Best POS Management System is a POS management system by Mayuri K., an individual developer. A security vulnerability exists in Best POS Management System version 1.0, which originates from a SQL injection vulnerability via the id parameter in /kruxton/manageuser.php...

CVSS 9.8 · AI score 8.7 · EPSS 0.0025
Exploits: 1 · References: 3
Positive Technologies
added 2023/03/08 12:00 a.m. · 2 views

PT-2023-19779 · Funadmin · Funadmin

Name of the Vulnerable Software and Affected Versions: Funadmin version 3.2.0
Description: The issue is a SQL injection vulnerability that can be exploited via the id parameter at the "/databases/database/edit" API endpoint. This allows for potential unauthorized access and manipulation of databa...

CVSS 9.8 · AI score 9.5 · EPSS 0.00271
Exploits: 1 · References: 6
CNNVD
added 2023/03/06 12:00 a.m. · 2 views

ByWater Solutions bywater-koha-xslt SQL injection vulnerability

ByWater Solutions bywater-koha-xslt is ByWater Solutions' Koha repository for XSLT customization for ByWater partners. ByWater Solutions bywater-koha-xslt suffers from a SQL injection vulnerability that stems from manipulation of the parameter name that can lead to SQL injection...

CVSS 7.2 · AI score 5.8 · EPSS 0.00274
Exploits: 0 · References: 4
Positive Technologies
added 2023/03/06 12:00 a.m. · 3 views

PT-2023-10270 · Bywater Solutions · Bywater-Koha-Xslt

Name of the Vulnerable Software and Affected Versions: ByWater Solutions bywater-koha-xslt affected versions not specified
Description: A critical vulnerability has been found in ByWater Solutions bywater-koha-xslt, affecting the StringSearch function of the file admin/systempreferences.pl. The...

CVSS 7.2 · AI score 6 · EPSS 0.00274
Exploits: 0 · References: 7
BDU FSTEC
added 2023/03/06 12:00 a.m. · 1 views

The vulnerability of the centralized control system for network devices and ports of Advantech iView arises from the lack of protective measures for the SQL query structure, allowing attackers to disclose protected information.

The vulnerability of the centralized control system for network devices and ports of Advantech iView relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...

CVSS 6.1 · AI score 5.6 · EPSS 0.00215
Exploits: 0 · References: 6 · Affected Software: 1
BDU FSTEC
added 2023/03/06 12:00 a.m. · 1 views

The vulnerability of the manage_record.php web application used for creating medical certificates, the Medical Certificate Generator App, allows a violator to execute arbitrary SQL code.

The vulnerability of the manage_record.php web application used for creating medical certificates in the Medical Certificate Generator App is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability allows an attacker to execute arbitrary SQL code...

CVSS 9 · AI score 7.3 · EPSS 0.00128
Exploits: 0 · References: 3 · Affected Software: 1
CNNVD
added 2023/03/01 12:00 a.m. · 2 views

Uzay Baskul Weighbridge Automation Software SQL injection vulnerability

Uzay Baskul Weighbridge Automation Software is an industrial control automation software from Uzay Baskul. A security vulnerability exists in Uzay Baskul Weighbridge Automation Software versions prior to 1.1, which stems from improper neutralization of a special element, resulting in SQL injectio...

CVSS 9.8 · AI score 8.6 · EPSS 0.00193
Exploits: 0 · References: 2