Code-Projects Online Music Site SQL注入漏洞

Code-Projects Online Music Site is an online music website developed by Code-Projects as open source. Version 1.0 of Code-Projects Online Music Site has a SQL injection vulnerability. This vulnerability arises from the parameter ID operations in the file/Administrator/PHP/AdminUpdateAlbum.php,...

PT-2026-45186

A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and...

PT-2026-45174

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public a...

OpenCats SQL注入漏洞

OpenCats is an open-source recruitment process management system developed by OpenCats. Version OpenCATS 0.9.1a contains a SQL injection vulnerability. This vulnerability stems from SQL injections in the DataGrid filter processing. It may allow authenticated attackers to bypass column filtering...

CVE-2018-25420

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to watch.php with crafted SQL payloads to extract sensitive database informati...

EUVD-2018-21944

MOGG web simulator Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the id parameter. Attackers can send GET requests to play.php with crafted SQL payloads in the id parameter to extract...

EUVD-2018-21940

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the year parameter. Attackers can send GET requests to year.php with crafted SQL payloads in the year parameter to extract sensiti...

CVE-2018-25416

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability in country.php via the country parameter. An unauthenticated attacker can send crafted GET requests to extract sensitive data from the database (usernames, database names, version details). CVSS data indicates high impact with network ac...

CVE-2018-25415

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the director parameter. Attackers can send GET requests to director.php with crafted SQL payloads in the director parameter to...

CVE-2018-25415

AiOPMSD Final 1.0.0 is affected by an SQL injection via the director parameter. An unauthenticated attacker can send crafted SQL payloads to director.php (GET) to extract sensitive data such as usernames, database names, and version details. CVSS metrics: v3.1 base score 8.2 (HIGH) with Network v...

EUVD-2018-21933

MGB OpenSource Guestbook 0.7.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to email.php with crafted SQL payloads in the 'id' parameter to...

PT-2026-45120

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to watch.php with crafted SQL payloads to extract sensitive database informati...

AiOPMSD Final SQL注入漏洞

AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the actor parameter, potentially allowing unauthenticated attackers to execute...

PT-2026-45141

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accounts report search of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument...

AiOPMSD Final SQL注入漏洞

AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the id parameter, potentially allowing unauthenticated attackers to execute...

AiOPMSD Final SQL注入漏洞

AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the quality parameter, potentially allowing unauthenticated attackers to execute...

CVE-2018-25398

The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the frmpasswd parameter. Attackers can send POST requests to main.php with crafted SQL payloads to extract sensitive...

CVE-2018-25403 The Open ISES Project 3.30A SQL Injection via city_graph.php

The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attackers can send GET requests to citygraph.php with crafted SQL payloads to extract sensitive database...

CVE-2018-25402 The Open ISES Project 3.30A SQL Injection via inc_types_graph.php

The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attackers can send GET requests to inctypesgraph.php with crafted SQL payloads to extract sensitive...

EUVD-2018-21923

The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attackers can send GET requests to severgraph.php with crafted SQL payloads to extract sensitive databas...