Directory Management System SQL注入漏洞

Directory Management System is a directory management system by Anuj Kumar, a personal developer. A security vulnerability exists in Directory Management System v1.0, which can be exploited to perform an SQL injection attack via the editid parameter in view-directory.php...

NOKIA VitalSuite SPM SQL注入漏洞

NOKIA VitalSuite SPM is a multi-vendor, multi-application performance management solution from Nokia Finland. A security vulnerability exists in NOKIA VitalSuite SPM version 2020. An attacker exploited the vulnerability to perform SQL injection via UserName...

CVE-2019-4575

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM...

Advanced School Management System SQL注入漏洞

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getsubjectrouting.php?id=The page lacks validation for external input SQL statements...

YouDianCMS SQL注入漏洞

YouDianCMS is a website CMS. A SQL injection vulnerability exists in YouDianCMS v9.5.0, which originates from the lack of validation of the IdList parameter at /App/Lib/Action/Home/ApiAction.class.php against external SQL input. This vulnerability can be exploited to execute illegal SQL commands ...

Online Tours And Travels Management System SQL注入漏洞

Online Tours And Travels Management System is an online tour management system. v1.0 of Online Tours And Travels Management System is vulnerable to SQL injection, which originates from /admin/operations/tax. The tname parameter in php lacks validation for external input SQL statements. An attacke...

CVE-2022-32355

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/viewproduct&id=...

CVE-2022-32362

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/managecategory.php?id=...

CVE-2022-32337

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/patients/managepatient.php?id=...

CVE-2022-32335

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/managemenu.php?id=...

CVE-2022-32332

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=deletecategory...

Product Show Room Site SQL注入漏洞

Product Show Room Site is a product show room site. A SQL injection vulnerability exists in Product Show Room Site version 1.0, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

Patient Records Management System SQL注入漏洞

Sourcecodester Hospital Patient Records Management System is a Web-based application that provides hospitals with an automated platform to store and manage their patient records. Management System is vulnerable to SQL injection, which originates from /hprms/admin/?page=user/manageuser&id= page...

Patient Records Management System SQL注入漏洞

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourcecodester Hospital Patient Records Management System is vulnerable to a SQL injection vulnerability that originate...

Product Show Room Site SQL注入漏洞

Product Show Room Site is a product showroom site from Carlo Montero's personal developer. version 1.0 of Product Show Room Site is vulnerable to SQL injection, which originates from /psrs/classes/Master.php?f=deletecategory The page lacks validation for external input SQL statements, which can b...

Patient Records Management System SQL注入漏洞

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. Management System is vulnerable to a SQL injection vulnerability that originates in the...

CVE-2017-20042

A vulnerability has been found in Navetti PricePoint 4.6.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection Blind. The attack can be launched remotely. Upgrading to version 4.7.0.0 is able to address this issue. It i...

RosarioSIS SQL注入漏洞

RosarioSIS is a student information system. Used to manage students, create reports and make sound decisions, a SQL injection vulnerability exists in versions of RosarioSIS prior to 9.0, which stems from the application's lack of validation of externally entered SQL statements. An attacker could...

Navetti PricePoint SQL注入漏洞

Navetti PricePoint is a unique pricing software solution from Navetti. designed to allow companies with international sales operations to develop locally based pricing structures that take unique local factors into account to achieve the best possible price for their product or service. A SQL...

Amodat Mobile Application Gateway SQL注入漏洞

Amodat Mobile Application Gateway, a mobile application gateway from Amodat Israel, is vulnerable to a SQL injection vulnerability in versions prior to 7.12.00.09, which stems from the username parameter in the login panel Lack of validation of externally entered SQL statements. An attacker could...