303 matches found
CVE-2023-50862
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelIDHidden' parameter of the booking.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-50862 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelIDHidden' parameter of the booking.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-50862
This CVE affects Travel Website v1.0. The vulnerability is an unauthenticated SQL Injection in the booking.php resource, triggered by the hotelIDHidden parameter where input is not properly validated and is sent unfiltered to the database. Impact is described as high for confidentiality, integrit...
CVE-2023-50743
Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'dd' parameter of the registration.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49665
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'quantity' parameter of the submitdeliverylist.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-50753
CVE-2023-50753 affects Online Notice Board System v1.0. The vulnerability is an unauthenticated SQL injection in the dd parameter of the user/update_profile.php endpoint, where input is not validated and is sent unfiltered to the database. This results in potential data exposure/modification due ...
CVE-2023-50752 Online Notice Board System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'e' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49665 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'quantity' parameter of the submitdeliverylist.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49658 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'bankdetails' parameter of the partysubmit.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49639
The CVE-2023-49639 issue affects Billing Software v1.0, where the vulnerable component is the customer_details parameter of buyer_invoice_submit.php. The root cause is lack of input validation, allowing unauthenticated SQL Injection by sending unfiltered data to the database. Documented impact is...
CVE-2023-49633
The CVE-2023-49633 entry denotes a vulnerability in Billing Software v1.0 (Kashipara Billing Software) where the input in the buyer_address parameter of buyer_detail_submit.php is not validated before being sent to the database, enabling unauthenticated SQL injection. The issue affects the affect...
CVE-2023-49633 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'buyeraddress' parameter of the buyerdetailsubmit.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49624 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cancelid' parameter of the materialbill.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2024-13776 · Billing · Billing
Name of the Vulnerable Software and Affected Versions: Billing Software version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the bank details parameter of the "party submit.php" resource does not validate the characters received, and th...
PT-2024-13771 · Billing · Billing
Name of the Vulnerable Software and Affected Versions: Billing Software version 1.0 Description: The issue is related to multiple Unauthenticated SQL Injection vulnerabilities. The 'cancelid' parameter of the "material bill.php" resource does not validate the characters received and they are sent...
PT-2024-13979 · Unknown · Travel Website
Name of the Vulnerable Software and Affected Versions: Travel Website version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the hotelIDHidden parameter of the "booking.php" resource does not validate the characters received, and they are...
CVE-2023-49689
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database...
SQL Injection
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2023-31295 · Unknown · Job Portal
Name of the Vulnerable Software and Affected Versions: Job Portal version 1.0 Description: The issue concerns an Unauthenticated SQL Injection vulnerability. Specifically, the txtTotal parameter of the "Employer/InsertWalkin.php" resource does not validate the characters received, and they are se...