Product Show Room Site SQL Injection Vulnerability
Product Show Room Site is a product show room website by individual developer Carlo Montero. Product Show Room Site v1.0 has a SQL injection vulnerability, which originates from the id parameter in /psrs/?p=products/viewproduct&id, an...
atoms183 CMS SQL Injection Vulnerability
atoms183 CMS is a content management system by individual developer Дмитрий Глазвин. A SQL injection vulnerability exists in atoms183 CMS version 1.0, which can be exploited by an attacker to execute arbitrary commands on search.php via the Name, Fname, and ID parameters...
PT-2022-22407 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the...
CVE-2022-26348
Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded in...
The vulnerability of the SAP PowerDesigner Proxy’s SQL query transformation service lies in the lack of quotation marks when writing elements or search paths. This allows attackers to exploit their privileges.
The vulnerability of the SAP PowerDesigner Proxy SQL query transformation service is related to the absence of quotes in the syntax of search elements or paths. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the network software tool, Online Fire Reporting System, is related to the lack of measures taken to protect the SQL query structure, allowing attackers to execute arbitrary SQL queries.
The vulnerability of the network software system, Online Fire Reporting System, is related to the lack of measures taken to protect the SQL request structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries through the...
Taocms SQL Injection Vulnerability
Taocms is a micro CMS (content management system) from China. A SQL injection vulnerability exists in Taocms version 3.0.2. The vulnerability stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit this vulnerability to perform SQL injection via t...
Fortinet FortiADC SQL Injection Vulnerability
Fortinet FortiADC is an application delivery controller from Fortinet, Inc. Fortinet FortiADC suffers from a SQL injection vulnerability that stems from insufficient cleanup of user-supplied data in the FortiADC management interface. A remote attacker could exploit this vulnerability to send a...
Django SQL Injection Vulnerability
Django is an open source web application framework from the Django Foundation, based on the Python language. The framework includes an object-oriented mapper, view system, template system, etc. Django has a SQL injection vulnerability that can be exploited by attackers to send specially crafted SQL...
TypeORM SQL Injection Vulnerability
TypeORM is an excellent Node.js ORM framework. The goal of the software is to maintain support for the latest JavaScript features, with the following features: (1) to provide one-to-one, many-to-one, one-to-many, many-to-many relational processing of tables; (2) to help develop a variety of...
WordPress Plugin Online Hotel Booking System Pro SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
Jorani SQL Injection Vulnerability
Jorani is a leave management system developed by Benjamin BALET, an individual developer in France. It is designed to provide small organizations with a simple workflow for leave and overtime requests. Jorani v1.0 suffers from an SQL injection vulnerability that stems from a lack of effective validation in...
The vulnerability of the search-dirctory.php component of the Directory Management System allows a hacker to execute arbitrary SQL commands.
The vulnerability of the search-dirctory.php component of the Directory Management System is related to the ability to inject commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using the searchdata parameter...
Prison Management System SQL Injection Vulnerability
Prison Management System is a prison management system by individual developer Carlo Montero. Prison Management System v1.0 is vulnerable to SQL injection: the id parameter in /pms/admin/visits/viewvisit.php is missing the S...
The vulnerability of the Titan FTP Server NextGen installer allows a hacker to execute arbitrary commands with elevated privileges.
The vulnerability of the Titan FTP Server NextGen installer is related to errors during the installation of Microsoft SQL Express 2019. Exploiting this vulnerability allows an attacker to execute arbitrary commands with elevated privileges...
The vulnerability of the view-directory.php component of the Directory Management System allows a hacker to execute arbitrary SQL commands.
The vulnerability of the view-directory.php component of the Directory Management System relates to the ability to inject commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using the editid parameter...
Online Ordering System SQL Injection Vulnerability
Online Ordering System is a multi-store ordering system that can be used by any small business. An SQL injection vulnerability exists in Online Ordering System version v2.3.2, which originates in /ordering/admin/inventory/index.php?view=edit&id=, from a lack of validation of external input SQL statemen...
CVE-2021-41487
NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName'...
CVE-2022-31908
Student Registration and Fee Payment System v1.0 is vulnerable to SQL Injection via /scms/student.php...
Student Registration and Fee Payment System SQL Injection Vulnerability
Student Registration and Fee Payment System is a student registration and fee payment management system. Student Registration and Fee Payment System v1.0 is vulnerable to SQL injection, which arises because /scms/student.php is missing SQL data filtering and escaping. An attacker could use this...