IBM Sterling B2B Integrator SQL injection vulnerability
IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates important B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities. IBM Sterling B2B Integrator Standard Edition has a SQL...
Guest Management System SQL injection vulnerability
Guest is an application product. Guest Management System is a web-based system designed to monitor the records of everyone who enters a school or college. An SQL injection vulnerability exists in SourceCodester Guest Management System. An attacker exploits the vulnerability to manipulate the...
Gas Agency Management System SQL injection vulnerability
Gas Agency Management System is gas agency management software by the individual developer Mayuri K. It is used to manage the daily operations of a gas agency. A SQL injection vulnerability exists in Gas Agency Management System. An attacker can exploit this vulnerability by manipulating the paramet...
Automated Beer Parlour Billing System SQL injection vulnerability
Automated Beer Parlour Billing System is an automated hotel beer billing system by the individual developer Senior Walter. A security vulnerability exists in Automated Beer Parlour Billing System. An attacker could exploit the vulnerability by manipulating the parameter username to cause an sql...
Google Android SQL injection vulnerability
Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android 13: a SQL injection in MMSProvider, stemming from improper input validation, may allow protected data to be read, which may lead to local information...
Loan Management System SQL injection vulnerability
Loan Management System is a loan management system by the individual developer razormist. Loan Management System suffers from a SQL injection vulnerability that affects some unknown functionality in the file /index.php, where manipulation of the parameter password can lead to sql...
PT-2022-23056 · Unknown · Update By Case
Name of the Vulnerable Software and Affected Versions: update by case gem versions prior to 0.1.3 Description: The issue concerns a SQL injection vulnerability due to the use of custom, unsanitized SQL strings in the update by case gem. This vulnerability allows for potential SQL injection attack...
Keysight Technologies Sensor Management Server SQL injection vulnerability
Keysight Technologies Sensor Management Server is a sensor management server from Keysight Technologies, USA. A security vulnerability exists in Keysight Technologies Sensor Management Server SMS that originates from the ability of an unauthenticated, remote attacker to effectively take control o...
The vulnerability of the VMware Workspace One Access application management platform, and the administration consoles of VMware Identity Manager (vIDM), stems from the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of the VMware Workspace One Access application management platform, as well as the VMware Identity Manager administration consoles, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute...
mariadb: server crash at Field::set_default via specially crafted SQL statements
A flaw was found in MariaDB. The component, Field::set_default, allows attackers to cause a denial of service (DoS) via specially crafted SQL statements, affecting availability...
mariadb: server crash at my_decimal::operator=
A flaw was found in MariaDB. The component, my_decimal::operator=, allows attackers to cause a denial of service (DoS) via specially crafted SQL statements, affecting availability...
mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer
MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2022-2460 WPDating < 7.4.0 - Multiple Unauthenticated SQLi
The WPDating WordPress plugin before 7.4.0 does not properly escape user input before concatenating it to certain SQL queries, leading to multiple SQL injection vulnerabilities exploitable by unauthenticated users...
Simple E-Learning System SQL injection vulnerability
Simple E-Learning System is a simple e-learning system by the individual developer Carlo Montero. Simple E-Learning System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the parameter phoneNumber of the file /claireblake. statements. An...
SourceCodester Gym Management System SQL injection vulnerability
SourceCodester Gym Management System is a gym management system from the American company SourceCodester. The system is developed in C and SQL Server and features customer and vendor management, product management, sales management, gym membership management, fitness assessment, system logging, databas...
PT-2022-18148 · Sourcecodester · Sourcecodester Simple E-Learning System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple E-Learning System affected versions not specified Description: A critical issue was found in the SourceCodester Simple E-Learning System, affecting an unknown function of the file comment frame.php. The manipulation of t...
Simple E-Learning System SQL injection vulnerability
Simple E-Learning System is a simple e-learning system by the individual developer Carlo Montero. Simple E-Learning System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements for the postid parameter. An attacker could use this vulnerability to...
Interview Management System SQL injection vulnerability
Interview Management System is an interview management system by the individual developer janobe. A SQL injection vulnerability exists in version 1.0 of Interview Management System, which stems from some unknown handling code in /viewReport.php where entering a special string for the parameter id c...
PT-2022-18020 · Sourcecodester · Sourcecodester Garage Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Garage Management System affected versions not specified Description: A critical issue affects the processing of the file removeUser.php, where the manipulation of the id argument leads to SQL injection. The attack can be...
CVE-2022-2272
This vulnerability allows remote attackers to bypass authentication on affected installations of Sante PACS Server 3.0.4. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the login endpoint. When parsing the username element,...