
6577 matches found

CNNVD
added 2022/04/18 12:0 a.m. · 1 views

WordPress plugin Daily Prayer Time SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Daily Prayer Time...

9.8 CVSS · 5.9 AI score · 0.70347 EPSS
Exploits 2 · References 2
ATTACKERKB
added 2022/04/15 6:15 p.m. · 1 views

CVE-2022-27369

Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component newsNews.phphy...

7.2 CVSS · 5.9 AI score · 0.00255 EPSS
Exploits 1 · References 2
CNNVD
added 2022/04/15 12:0 a.m. · 1 views

Asterisk SQL injection vulnerability

Asterisk is a PBX system software that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk suffers from a SQL injection vulnerability that can be exploited by attackers to cause user-supplied data to create corrupt SQL queries or possibly SQL injections...

9.8 CVSS · 6 AI score · 0.00756 EPSS
Exploits 0 · References 10
CNNVD
added 2022/04/15 12:0 a.m. · 2 views

CScms SQL injection vulnerability

CScms is a Content Management System (CMS) developed based on the CI framework. Cscms Music Portal System v4.2 is vulnerable to SQL injection, which can be exploited by attackers via the component newsNews.phphy...

7.2 CVSS · 5.8 AI score · 0.00255 EPSS
Exploits 1 · References 2
OSV
added 2022/04/14 8:15 p.m. · 1 views

CVE-2022-21234

An SQL injection vulnerability exists in the EchoAssets.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8 CVSS · 7.3 AI score
Exploits 0 · References 2
CNNVD
added 2022/04/14 12:0 a.m. · 1 views

McAfee Agent SQL injection vulnerability

McAfee Agent (MA) is a client component from McAfee that provides secure communication between the ePolicy Orchestrator antivirus management platform and the managed products. A SQL injection vulnerability exists in versions prior to McAfee Agent 5.7.6, which stems from the application's lack of...

8.4 CVSS · 7.4 AI score · 0.00241 EPSS
Exploits 0 · References 3
Positive Technologies
added 2022/04/13 12:0 a.m. · 2 views

PT-2022-2397 · Apache · Apache Superset

Name of the Vulnerable Software and Affected Versions: Apache Superset versions prior to 1.4.2. Description: The issue is related to a lack of validation of XML object sequences, which can be exploited by a remote attacker to conduct SQL injection attacks. This can occur in chart data requests. Th...

10 CVSS · 7.9 AI score · 0.04329 EPSS
Exploits 0 · References 15
OSV
added 2022/04/12 8:15 p.m. · 0 views

UBUNTU-CVE-2022-27379

An issue in the component Argcomparator::comparerealfixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements...

7.5 CVSS · 7.2 AI score · 0.00217 EPSS
Exploits 1 · References 4
OSV
added 2022/04/12 4:15 p.m. · 2 views

CVE-2022-27472

SQL injection vulnerability in Topics Counting feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely...

9.8 CVSS · 6 AI score · 0.00264 EPSS
Exploits 1 · References 2
CNNVD
added 2022/04/12 12:0 a.m. · 3 views

CSZ CMS SQL injection vulnerability

CSZ CMS is a PHP-based open source content management system (CMS). CSZ CMS version 1.2.2 contains a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in cszcmsadminUsersviewUsers and can be exploited by attackers to execute illegal SQL...

9.8 CVSS · 8.7 AI score · 0.00245 EPSS
Exploits 1 · References 2
CNNVD
added 2022/04/12 12:0 a.m. · 1 views

Atom.CMS SQL injection vulnerability

CMS is a content management system from The Digital Craft individual developers in the U.S. A SQL injection vulnerability exists in Atom.CMS version 2.0, which stems from a lack of validation of external input SQL statements in Atom.CMSadminajaxpages.php, and could be exploited by attackers to...

9.8 CVSS · 8.7 AI score · 0.49286 EPSS
Exploits 1 · References 2
CNNVD
added 2022/04/12 12:0 a.m. · 1 views

MariaDB SQL injection vulnerability

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A security vulnerability exists in MariaDB Server v10.6 and lower that allows an attacker to cause a denial of service (DoS) via a specially...

7.5 CVSS · 7.7 AI score · 0.00217 EPSS
Exploits 1 · References 19
CNNVD
added 2022/04/12 12:0 a.m. · 1 views

CSZ CMS SQL injection vulnerability

CSZ CMS is a PHP-based open source content management system (CMS). CSZ CMS version 1.2.2 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in cszcmsadminUserseditUser, and can be used by attackers to execute illegal SQL commands to obtain...

9.8 CVSS · 8.6 AI score · 0.00245 EPSS
Exploits 1 · References 2
CNNVD
added 2022/04/12 12:0 a.m. · 2 views

MariaDB SQL injection vulnerability

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A security vulnerability exists in MariaDB Server v10.7 and lower, which can be exploited by an attacker to cause a denial of service (DoS) via a...

7.5 CVSS · 7.8 AI score · 0.00158 EPSS
Exploits 1 · References 7
CNNVD
added 2022/04/08 12:0 a.m. · 1 views

Pimcore SQL injection vulnerability

Pimcore is an open source Web content management platform for creating and managing Web applications from Austrian company Pimcore. The platform integrates Web content management, e-commerce framework and product information management applications. Pimcore has a SQL injection vulnerability, whic...

7.5 CVSS · 5.8 AI score · 0.00184 EPSS
Exploits 1 · References 3
CNNVD
added 2022/04/08 12:0 a.m. · 1 views

Car Rental System SQL injection vulnerability

Car Rental System is a car rental system by individual developer AMEY THAKUR in India. Car Rental System v1.0 is vulnerable to SQL injection, which originates from the lack of SQL data filtering for the id parameter in /CarRental/booking.php, and can be exploited by attackers to execute illegal S...

8.8 CVSS · 5.9 AI score · 0.00316 EPSS
Exploits 3 · References 4
CNNVD
added 2022/04/08 12:0 a.m. · 1 views

ZZCMS SQL injection vulnerability

ZZCMS is a content management system (CMS) from the Zzcms team in China. zzCMS2021 is vulnerable to SQL injection, which stems from a lack of filtering of SQL data in admanage.php. An attacker could use this vulnerability to send malicious SQL commands...

7.2 CVSS · 5.8 AI score · 0.00255 EPSS
Exploits 1 · References 2
RedHat Linux
added 2022/04/07 9:5 a.m. · 1 views

cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands

A flaw was found in the SQL plugin shipped with Cyrus SASL. The vulnerability occurs due to failure to properly escape SQL input and leads to an improper input validation vulnerability. This flaw allows an attacker to execute arbitrary SQL commands and the ability to change the passwords for othe...

8.8 CVSS · 7.4 AI score · 0.00431 EPSS
Exploits 0 · References 5
BDU FSTEC
added 2022/04/07 12:0 a.m. · 0 views

The vulnerability of the PuppetDB database management system lies in the lack of protective measures for SQL query structures. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the PuppetDB database management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service interruptions...

9 CVSS · 0.00626 EPSS
Exploits 0 · References 10 · Affected Software 5
OSV
added 2022/04/05 8:15 p.m. · 1 views

CVE-2022-27123

Employee Performance Evaluation v1.0 was discovered to contain a SQL injection vulnerability via the email parameter...

9.8 CVSS · 5.8 AI score
Exploits 0 · References 1