6590 matches found
PT-2022-26426 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon (affected versions not specified). Description: This issue allows remote attackers to escalate privileges on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the handling of...
PT-2022-26428 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon (affected versions not specified). Description: This issue allows remote attackers to escalate privileges on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the handling of...
CVE-2022-42243
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/managestorage.php?id=...
CVE-2022-42250
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/inquiries/viewdetails.php?id=...
The vulnerability of the admin/ask.php implementation in the ZZCMS CMS system allows a hacker to execute arbitrary SQL queries.
The vulnerability of the admin/ask.php implementation in the ZZCMS CMS system relates to the lack of measures taken to protect the SQL query structure during the processing of the askbigclassid parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries...
Rockwell Automation Factory Talk VantagePoint SQL injection vulnerability
Rockwell Automation Factory Talk VantagePoint is an advanced industrial application ecosystem from Rockwell Automation, Inc. The SQL injection vulnerability in Rockwell Automation Factory Talk VantagePoint stems from a failure to properly validate SQL statements entered by users when retrieving...
The vulnerability of the Visual Difference Application component of the SAP Business Objects Business Intelligence Platform allows a perpetrator to disclose protected information.
The vulnerability of the Visual Difference Application component in the SAP Business Objects Business Intelligence Platform exists due to the failure to take measures to neutralize special elements used in SQL queries. Exploiting this vulnerability can allow a malicious actor, operating remotely,...
CVE-2022-42303
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302...
PT-2022-25672 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon (affected versions not specified). Description: This issue allows remote attackers to escalate privileges on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the handling of...
CVE-2022-28815
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query other tables of the Sentilo service...
SourceCodester Food Ordering Management System security vulnerability
Food Ordering Management System is a food ordering management system by Carlo Montero, an individual developer. The Food Ordering Management System is vulnerable to SQL injection, which stems from a lack of validation of externally entered SQL statements via username, and can be exploited by attackers...
CVE-2022-40354
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/updatebooking.php...
Resumes-Management-and-Job-Application-Website-with-PHP-Bootstrap-and-MySQL SQL injection vulnerability
Resumes Management and Job Application Website is a simple application that can be used for small business or student projects. Version 1.0 of Egavilan Media Resumes Management and Job Application Website is vulnerable to SQL injection, which can be exploited by attackers to obtain...
Online Tours & Travels Management System SQL injection vulnerability
Online Tours & Travels Management System is an online travel management system developed by Mayuri K. A SQL injection vulnerability exists in Online Tours & Travels Management System v1.0, which originates from /admin/update The id parameter of traveller.php lacks validation for external input SQ...
CVE-2022-40043
Centreon v20.10.18 was discovered to contain a SQL injection vulnerability via the escname Escalation Name parameter at Configuration/Notifications/Escalations...
Centreon SQL injection vulnerability
Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon. A SQL injection vulnerability exists in Centreon v20.10.18, which stems from the escname Escalation Name parameter of its Configuration/Notifications/Escalations component Lack of...
Online Tours & Travels Management System SQL injection vulnerability
Online Tours & Travels Management System is an online travel management system by Mayuri K, an individual developer. A SQL injection vulnerability exists in Online Tours & Travels Management System version v1.0 due to a lack of validation of externally entered SQL statements in the id parameter of its...
Wedding Planner SQL injection vulnerability
Wedding Planner is a wedding planner project by pushpam abhishek, designed to provide users with an easy way to plan their wedding through a web application while using real data. Wedding Planner v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of externally...
Online Banking System SQL injection vulnerability
Online Banking System is an online banking system developed using PHP and MySQL. Version 1.0 of Online Banking System has a security vulnerability that originates from an SQL injection issue in the custid parameter of the /net-banking/deletecustomer.php location. No details of the vulnerability are...
Online Tours & Travels Management System SQL injection vulnerability
Online Tours & Travels Management System is an online travel management system by Mayuri K, an individual developer. A SQL injection vulnerability exists in Online Tours & Travels Management System v1.0, which originates from a lack of validation of externally entered SQL statements in the id paramete...