6590 matches found
CVE-2021-36433
SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sensitive information via the jodeletemask function in jocms/apps/mask/mask.php...
JIZHICMS SQL injection vulnerability
Extreme Networks Technology JIZHICMS Extreme CMS is an open source content management system (CMS) from China's Extreme Networks Technology Company. A security vulnerability exists in JIZHICMS version 1.9.5, which is caused by SQL injection and can be exploited by an attacker to run arbitrary SQL...
PT-2023-10006 · Unknown · Fanzila Webfinance
Name of the Vulnerable Software and Affected Versions: fanzila WebFinance version 0.5 Description: A critical issue has been found in fanzila WebFinance, affecting an unknown function of the file htdocs/admin/save roles.php. The manipulation of the id argument leads to SQL injection...
PT-2023-15485 · Unknown · Bang Resto
Name of the Vulnerable Software and Affected Versions: Bangresto version 1.0 Description: The issue is related to a SQL Injection vulnerability. It affects the itemID parameter. There is no information provided about the estimated number of potentially affected devices worldwide or real-world...
The vulnerability of the WDAC OLE DB component for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the WDAC OLE DB component for SQL Server on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2023-22324
SQL injection vulnerability in the CONPROSYS HMI System CHS Ver.3.5.0 and earlier allows a remote authenticated attacker to execute an arbitrary SQL command. As a result, information stored in the database may be obtained...
Online Tours & Travels Management System SQL injection vulnerability
Online Tours & Travels Management System is an online travel management system by individual developer Mayuri K. A SQL injection vulnerability exists in SourceCodester Online Tours & Travels Management System version 1.0, which stems from an incorrect manipulation of the parameter todate that ca...
SiteServer CMS SQL injection vulnerability
SiteServer CMS is an open-source content management system (CMS) from China's BioRenewable Software Technology Development Company. A security vulnerability exists in SiteServer CMS version 7.1.3, which is caused by SQL injection...
OpenCats SQL injection vulnerability
OpenCats is an open source recruitment process management system. A security vulnerability exists in OpenCats version v0.9.7, which stems from the importID parameter of its Import viewerrors function that allows an attacker to implement SQL injection...
WordPress Plugin LearnPress SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin LearnPress...
PT-2023-15127 · Tuzicms · Tuzicms
Name of the Vulnerable Software and Affected Versions: Tuzicms version 2.0.6 Description: A SQL injection issue was found in the UserController.class.php component, located in AppManageController. Recommendations: For Tuzicms version 2.0.6, update to a newer version that contains a fix for this...
Amano Xoffice parking solutions SQL injection vulnerability
Amano Xoffice parking solutions is an application from Amano. It provides an ideal solution for all types of parking lots. Amano Xoffice parking solutions version 7.1.3879 suffers from a security vulnerability that stems from susceptibility to SQL injection attacks...
CVE-2020-21152
SQL Injection vulnerability in inxedu 2.0.6 allows attackers to execute arbitrary commands via the functionIds parameter to /saverolefunction...
CVE-2023-20010
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This...
WordPress Plugin The Paid Memberships Pro SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
PT-2023-10003 · Unknown · Oktora24 2Moons
Name of the Vulnerable Software and Affected Versions: oktora24 2moons affected versions not specified Description: A critical vulnerability has been found in oktora24 2moons, affecting an unknown function. The manipulation leads to SQL injection. Recommendations: At the moment, there is no...
click-reminder SQL injection vulnerability
click-reminder is a Web 2.0 application by lierdakil personal developer. It helps users to remember the last time they did something. A SQL injection vulnerability exists in click-reminder. An attacker could exploit this vulnerability to cause a SQL injection...
danynab movify-j SQL injection vulnerability
danynab is an application by the individual developer of danynab. An SQL injection vulnerability exists in danynab movify-j, which stems from the fact that incorrect manipulation of the movieId/username parameter can lead to SQL injection...
phoenixcf SQL injection vulnerability
phoenixcf is an application by iamdroppy Personal Developer. phoenixcf suffers from a SQL injection vulnerability. An attacker could exploit this vulnerability to cause a SQL injection...
PT-2023-10242 · Unknown · Theradsystem
Name of the Vulnerable Software and Affected Versions: saemorris TheRadSystem affected versions not specified Description: A critical issue was found in saemorris TheRadSystem, affecting the redirect function of the login.php file. The manipulation of the user/pass argument leads to SQL injection...