CVE-2022-37185

SQL injection vulnerability exists in the school information query interface repschoolproj.php of the EMS 6.2 system of the Office of the Thai Basic Education Commission, which can lead to data leakage...

CVE-2022-37185

SQL injection vulnerability exists in the school information query interface repschoolproj.php of the EMS 6.2 system of the Office of the Thai Basic Education Commission, which can lead to data leakage...

CVE-2022-2717

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter on the joomsport-events-form page in versions up to, and including, 5.2.5 due to insufficient escaping on the user supplied parameter and lack of...

Clinic’s Patient Management System SQL注入漏洞

Clinic's Patient Management System is a patient management system for Carlo Montero's clinics. A SQL injection vulnerability exists in Clinic's Patient Management System version 1.0 due to unknown functionality in the index.php file of the component Login, where manipulation of the parameter...

UBUNTU-CVE-2020-22669

Modsecurity owasp-modsecurity-crs 3.2.0 Paranoia level at PL1 has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL syntax to bypass Modsecurity WAF protection and implement SQL injection attacks on Web applications...

Online Food Ordering System SQL注入漏洞

Online Food Ordering System is an online food ordering system. Online Food Ordering System suffers from a SQL injection vulnerability that can be exploited by an attacker to perform SQL injection via the component /dish .php?resid=...

Expense Management System SQL注入漏洞

Expense Management System is an expense management system. version v1.0 of Expense Management System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the id parameter of its /Home/debitcreditp component. An attacker could use this...

mariadb: server crash at my_decimal::operator=

A flaw was found in MariaDB. The component, mydecimal::operator=, allows attackers to cause a denial of service DoS via specially crafted SQL statements, affecting availability...

mariadb: use-after-poison when complex conversion is involved in blob

A flaw was found in the MariaDB Server, where it contains a use-after-free in the component, Itemfuncin::cleanup. This issue is exploited via specially crafted SQL statements, affecting availability...

Simple Task Scheduling System SQL注入漏洞

Simple Task Scheduling System is a simple task scheduling system by Carlo Montero Personal Developer. A security vulnerability exists in the v1.0 version of Simple Task Scheduling System, which contains a SQL injection vulnerability via the id parameter in /schedules/manageschedule.php...

CVE-2022-38118

OAKlouds Portal website’s Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to access, modify, delete database, perform system operations and disrupt service...

CVE-2022-36712

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /staff/studentdetails.php...

Oaklouds SQL注入漏洞

Hgiga Oaklouds is an enterprise collaborative work portal network of China Henderson Technology Hgiga Company. It is used for just-in-time communication and resource reservation. Oaklouds suffers from a SQL injection vulnerability that stems from insufficient validation of user input. A remote...

Library Management System SQL注入漏洞

Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in Library Management System v1.0, which was discovered to contain an SQL injection vulnerability via the...

Library Management System SQL注入漏洞

Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in Library Management System v1.0, which was discovered to contain an SQL injection vulnerability via the MI...

Library Management System SQL注入漏洞

Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in Library Management System v1.0, which was discovered to contain an SQL injection vulnerability via the...

Ingredients Stock Management System SQL注入漏洞

Ingredients Stock Management System is an ingredient stock management system from Carlo Montero's personal developer. v1.0 of Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /admin/?page= user/manageuser&id= is missing validation for external input SQ...

The vulnerability of the /librarian/bookdetails.php component of the Library Management System allows a malicious individual to execute arbitrary SQL queries.

The vulnerability of the /librarian/bookdetails.php component of the Library Management System lies in the possibility of executing commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVE-2022-36705

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /stocks/managewaste.php...

Fast Food Ordering System SQL注入漏洞

Fast Food Ordering System is a fast food ordering system by the individual developer Carlo Montero. Fast Food Ordering System suffers from an SQL injection vulnerability that originates from an unknown function in its component ffos/admin/reports/index.php that operates on the parameter date, whi...