6592 matches found
CVE-2022-44117
Boa 0.94.14rc21 is vulnerable to SQL Injection via username. NOTE: this is disputed by multiple third parties because Boa does not ship with any support for SQL...
JIZHICMS SQL Injection Vulnerability
JIZHICMS (Extreme CMS) is an open source content management system (CMS) from China's Extreme Networks Technology. A security vulnerability exists in JIZHICMS v2.3.3, which can be exploited by an attacker to perform SQL injection via the...
PT-2022-27113 · Boa · Boa
Name of the Vulnerable Software and Affected Versions: Boa version 0.94.14rc21 Description: The issue concerns SQL Injection via the username variable. However, it is noted that this vulnerability is disputed by multiple third parties because Boa does not ship with any support for SQL...
CVE-2022-43212
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the orderId parameter at fetchOrderData.php...
Billing System Project SQL Injection Vulnerability
Billing System Project is a billing system project by individual developer Mayuri K. Billing System Project v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of the orderId parameter in printOrder.php against an externally entered SQL statement. An attacker cou...
The vulnerability of the Field::set_default component in the MariaDB database, which allows a hacker to trigger a service failure.
The vulnerability of the Field::set_default component in the MariaDB database management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to trigger a service failure through a specially crafted SQL query...
Silverstripe CMS SQL Injection Vulnerability
Silverstripe CMS is an application from Silverstripe New Zealand. Empower powerful digital teams by creating a platform for digital change. Silverstripe CMS suffers from a SQL injection vulnerability that can be exploited by an attacker to execute arbitrary SQL statements by adding a SQL load to...
CVE-2022-39180
College Management System v1.0 - SQL Injection (SQLi). By inserting SQL commands to the username and password fields in the login.php page...
PT-2022-26779 · Unknown · Online Diagnostic Lab Management System
Name of the Vulnerable Software and Affected Versions: Online Diagnostic Lab Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/tests/view test.php" API endpoint. Recommendations: For...
PT-2022-25410 · Unknown · Attendance Management System
Name of the Vulnerable Software and Affected Versions: Student Attendance Management System affected versions not specified Description: A critical issue affects the Student Attendance Management System, specifically the file /Admin/createClass.php. The manipulation of the Id argument leads to sq...
Simmeth System Supplier Manager SQL Injection Vulnerability
Simmeth System Supplier Manager is a supply chain software from Simmeth System, Germany. Versions prior to Simmeth System Supplier Manager 5.6 contain a design error vulnerability that could be exploited by attackers to obtain sensitive database information...
MonikaBrzica scm Security Vulnerability
scm is a supply chain management software by individual developer MonikaBrzica. A security vulnerability exists in MonikaBrzica scm, which stems from some unknown function of its upisubazu.php component that operates on the email/lozinka/ime/id parameter, allowing an attacker to implement SQL...
CVE-2022-43288
Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the orderby parameter at /rukovoditel/index.php?module=logs/view&type=php...
Arches SQL Injection Vulnerability
Arches is an open source web platform for creating, managing and visualizing geospatial data. A security vulnerability exists in Arches versions prior to 6.1.2, 6.2.1, and 7.1.2, which stems from an attacker being able to implement SQL injection via a crafted web request...
HHIMS SQL Injection Vulnerability
HHIMS is a free, open source software system from the individual developers at TSRuban. It is used to store and retrieve simple patient medical records. HHIMS suffers from a SQL injection vulnerability that originates from an unknown function in the scenegraph/svgattributes.c file of the SVG Pars...
Delta Electronics DIAEnergie SQL Injection Vulnerability
Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics Taiwan, China used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes and maximize...
Online Diagnostic Lab Management System SQL Injection Vulnerability
Online Diagnostic Lab Management System is an online diagnostic lab management system. A security vulnerability exists in Online Diagnostic Lab Management System v1.0, which was discovered to contain an SQL injection vulnerability via the id parameter on /odlms//classes/Master.php?f=deleteactivit...
CVE-2022-39069
There is a SQL injection vulnerability in ZTE ZAIP-AIE. Due to lack of input verification by the server, an attacker could trigger an attack by building malicious requests. Exploitation of this vulnerability could cause the leakage of the current table content...
Schneider Electric EcoStruxure Operator Terminal Expert SQL Injection Vulnerability
Schneider Electric EcoStruxure Operator Terminal Expert is a touch screen configuration software from Schneider Electric, France. This software is mainly used to create and edit touch applications. A SQL injection vulnerability exists in Schneider Electric EcoStruxure Operator Terminal...
UBUNTU-CVE-2022-39323
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Time based attack using a SQL injection in api REST usertoken. This issue has been patched, please...