6586 matches found
CVE-2022-36678
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletecategory...
CVE-2022-36678
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletecategory...
CVE-2022-36682
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletestudent...
Simple Task Scheduling System SQL注入漏洞
Simple Task Scheduling System is a simple task scheduling system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Simple Task Scheduling System v1.0, which originates from a security issue with the id parameter in /admin/?page=user/manageuser...
Simple Task Scheduling System SQL注入漏洞
Simple Task Scheduling System is a simple task scheduling system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Simple Task Scheduling System v1.0, which stems from a security issue with the id parameter in /classes/Master.php?f=deleteaccount...
CVE-2022-36698
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/viewcategory.php...
PT-2022-23559 · Unknown · Ingredients Stock Management System
Name of the Vulnerable Software and Affected Versions: Ingredients Stock Management System version 1.0 Description: A SQL injection issue was found in the id parameter at the /classes/Master.php?f=delete category endpoint. Recommendations: For Ingredients Stock Management System version 1.0, avoi...
Tyler Odyssey 信任管理问题漏洞
Tyler Technologies Tyler Odyssey is a court and judicial software system from Tyler Technologies, USA. A security vulnerability exists in Tyler Odyssey that originates when Odyssey is configured to use a certificate public name for client authentication, which allows a man-in-the-middle attacker ...
WWBN AVideo SQL注入漏洞
WWBN AVideo is a video platform builder written in PHP by the WWBN team. A SQL injection vulnerability exists in WWBN AVideo version 11.6. An attacker exploits this vulnerability to cause SQL injection via a specially crafted HTTP request...
CVE-2022-36606
Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database...
VulnCheck KEV: CVE-2022-24260
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level...
CVE-2022-25228
CandidATS Version 3.0.0 Beta allows an authenticated user to inject SQL queries in '/index.php?m=settings&a=show' via the 'userID' parameter, in '/index.php?m=candidates&a=show' via the 'candidateID', in '/index.php?m=joborders&a=show' via the 'jobOrderID' and '/index.php?m=companies&a=show' via...
CVE-2022-35175
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hiddenid parameter at /blotter/blotter.php...
CVE-2022-35603
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt...
Barangay Management System SQL注入漏洞
Barangay Management System is a database driven system. A SQL injection vulnerability exists in Barangay Management System v1.0, which was discovered via the hiddenid parameter in /blotter/blotter.php...
InventoryManagementSystem SQL注入漏洞
InventoryManagementSystem is an inventory management system by Sajan Rajbhandari, an individual developer. It provides an easy way to track products, suppliers, customers, and purchasing and sales information. A SQL injection vulnerability exists in InventoryManagementSystem version 1.0, which...
InventoryManagementSystem SQL注入漏洞
InventoryManagementSystem is an inventory management system by Sajan Rajbhandari, an individual developer. It provides an easy way to track products, suppliers, customers, and purchasing and sales information. An SQL injection vulnerability exists in InventoryManagementSystem version 1.0, which...
The vulnerability of the Photonic Plugin, related to the lack of protection for the SQL query structure, allows attackers to put the database into a sleep state.
The vulnerability of the Photonic Plugin is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to put the database into a sleep mode...
The vulnerability of the Rapid7 Nexpose vulnerability management system lies in the insufficient protection of the SQL query structure. This allows attackers to manipulate the “ANY” and “OR” operators in SearchCriteria, thereby allowing them to inject malicious SQL code.
The vulnerability of the Rapid7 Nexpose vulnerability management system is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to manipulate the “ANY” and “OR” operators in SearchCriteria and introduce malicious SQL code...
CVE-2022-36599
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists...