6588 matches found
SAP BPC MS SQL injection vulnerability
SAP BPC MS is a business planning and consolidation application from SAP Germany that provides planning, budgeting, forecasting, and financial consolidation functions. SAP BPC MS version 10.0 810 contains a SQL injection vulnerability that stems from the application's lack of validation of...
Terminal Operating System SQL injection vulnerability
Terminal Operating System is a terminal operating system that accelerates the flow of container, general cargo, liquid cargo, ro-ro and warehouse services at the terminal. A SQL injection vulnerability exists in Terminal Operating System versions prior to 5.0.13. An attacker could exploit this...
PT-2023-9861 · Unknown · Web-Cyradm
Name of the Vulnerable Software and Affected Versions: web-cyradm affected versions not specified Description: A critical issue has been found in web-cyradm, affecting some unknown functionality of the file auth.inc.php. The manipulation of the argument login/login password/LANG leads to sql...
Search Results SQL injection vulnerability
Search Results is an application by Forumhulp.com individual developers. It records the search terms searched by visitors. Search Results suffers from an SQL injection vulnerability that stems from a problem with the function listkeywords in the file event/listener.php, where manipulation of the...
pyChao SQL injection vulnerability
pyChao is an application by Dr. Azrael Tod, a personal developer. It is mainly used for Facts and Newsfeeds and interacts with WebChao-Blog. A SQL injection vulnerability exists in pyChao. An attacker could exploit this vulnerability to perform a sql injection attack...
PT-2023-10132 · Unknown · Ananich Bitstorm
Name of the Vulnerable Software and Affected Versions: ananich bitstorm affected versions not specified Description: A critical issue was found in ananich bitstorm, affecting an unknown functionality of the file announce.php. The manipulation of the event argument leads to SQL injection...
PT-2023-10128 · Unknown · Learnmesomecodes Project3
Name of the Vulnerable Software and Affected Versions: LearnMeSomeCodes project3 affected versions not specified Description: A critical issue was found in the LearnMeSomeCodes project3, affecting the search first name function of the file search.rb. This issue leads to sql injection. The...
cub-scout-tracker SQL injection vulnerability
cub-scout-tracker is a library. A SQL injection vulnerability exists in cub-scout-tracker. An attacker could exploit this vulnerability to perform a sql injection attack...
Blogile SQL injection vulnerability
Blogile is a Node.js blogging system. Blogile suffers from a SQL injection vulnerability that stems from a misuse of the parameter query resulting in sql injection...
ProLOD SQL injection vulnerability
ProLOD is an HPI-Information-Systems open source project. It contains algorithms for performing data analysis on Linked Data. ProLOD has a SQL injection vulnerability. Attackers exploit this vulnerability to perform SQL injection attacks...
PT-2023-10119 · Unknown · Typcn Blogile
Name of the Vulnerable Software and Affected Versions: typcn Blogile affected versions not specified Description: A critical vulnerability was found in typcn Blogile, affecting the getNav function of the file server.js. The manipulation of the query argument leads to sql injection. Recommendation...
Aruba Networks EdgeConnect Enterprise Orchestrator SQL injection vulnerability
Aruba Networks EdgeConnect Enterprise Orchestrator is a centralized SD-WAN management solution from Aruba Networks, Inc. It provides optimization, management, automation, and real-time visibility and monitoring features for enterprise users. A security vulnerability exists in Aruba Networks...
Aruba Networks ClearPass Policy Manager SQL injection vulnerability
Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager. An attacker could exploit this vulnerability to perform a SQL injection attac...
The vulnerability of the User Portal component of the SFOS operating system’s network interface layer, specifically the Sophos Firewall (previously called Sophos XG Firewall), allows an intruder to gain unauthorized access to protected information.
The vulnerability of the User Portal component of the SFOS operating system’s Sophos Firewall (formerly Sophos XG Firewall) is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access...
CVE-2022-4358
The WP RSS By Publishers WordPress plugin through 0.1 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2022-4351
The Qe SEO Handyman WordPress plugin through 1.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
WordPress plugin Joy Of Text Lite SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...
WordPress plugin LetsRecover SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
WordPress plugin WP RSS By Publishers SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerability exist...
PT-2023-13359 · Sage · Sage Xrt Business Exchange
Name of the Vulnerable Software and Affected Versions: Sage XRT Business Exchange version 12.4.302 Description: The issue allows an authenticated attacker to inject malicious data in SQL queries, specifically in the following areas: Add Currencies, Payment Order, and Transfer History...