CVE-2022-1361

The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user’s accounts and devices...

Toll Tax Management System SQL注入漏洞

Toll Tax Management System is a toll tax management system. A SQL injection vulnerability exists in Toll Tax Management System version 1.0, which stems from the id parameter being susceptible to SQL injection attacks. The vulnerability can be exploited by an attacker to obtain sensitive informati...

CVE-2022-1731

Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field. SSO or System authentication are required to be enabled for vulnerable conditions to exist...

HMS SQL注入漏洞

HMS is a computer or web-based hospital management system. version 1.0 of HMS is vulnerable to SQL injection, which stems from the presence of multiple parameters that can lead to SQL injection when requesting appointment.php using the POST method. An attacker could use this vulnerability to obta...

Hospital Management System SQL注入漏洞

Hospital Management System HMS is a computer system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. hospital Management System v1.0 is vulnerable to SQL injection, which can be exploited by attackers via the SQL injection via the deli...

OpenClinica SQL注入漏洞

OpenClinica is a commercial open source clinical trial software for electronic data capture EDC and clinical data management CDM. A security vulnerability exists in OpenClinica versions prior to 3.16.1 that stems from the use of string concatenation to create SQL queries...

CVE-2022-30401

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/?p=viewproduct&id=...

CVE-2022-30400

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/admin/orders/vieworder.php?view=user&id=...

CVE-2022-30392

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/classes/Master.php?f=deletesubcategory...

CVE-2022-30387

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/classes/Master.php?f=payorder...

CVE-2022-30396

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/admin/?page=inventory/manageinventory&id=...

Merchandise Online Store SQL注入漏洞

Merchandise Online Store is a merchandise online store system. merchandise Online Store has a security vulnerability that can be exploited by attackers to conduct SQL injection via /vloggersmerch/classes/Master.php?f=deletecart attack...

NETGEAR ProSafe SSL VPN firmware FVS336G SQL注入漏洞

The NETGEAR FVS336G is a VPN Virtual Private Network firewall router from NETGEAR. A security vulnerability exists in the NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 versions, which stems from a missing filter escape in USERDBDomains.Domainname in cgi-bin/platform.cgi, which can be...

Simple Social Networking Site SQL注入漏洞

Simple Social Networking Site is a social networking site. Simple Social Networking Site has a security vulnerability that can be exploited by attackers to conduct SQL injection attacks via /sns/admin/?page=posts/viewpost&id=...

Merchandise Online Store SQL注入漏洞

Merchandise Online Store is a merchandise online store system. merchandise Online Store has a security vulnerability that can be exploited by attackers via /vloggersmerch/admin/orders/vieworder.php?view=user&id = SQL injection attack...

Merchandise Online Store SQL注入漏洞

Merchandise Online Store is a merchandise online store system. A security vulnerability exists in Merchandise Online Store, which can be exploited by attackers via /vloggersmerch/classes/Master.php?f=deleteinventory to conduct SQL injection attack...

Merchandise Online Store SQL注入漏洞

Merchandise Online Store is a merchandise online store system. merchandise Online Store has a security vulnerability that can be exploited by attackers via /vloggersmerch/admin/?page=product/manageproduct&id= to conduct SQL injection attack...

CVE-2022-22413

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022...

CVE-2022-29986

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=deletefacility...

IBM Robotic Process Automation SQL注入漏洞

IBM Robotic Process Automation is a robotic process automation product from IBM Corporation. It helps you automate more business and IT processes at scale with the ease and speed of traditional RPA. IBM Robotic Process Automation is vulnerable to a SQL injection vulnerability that could be...