323 matches found
CVE-2023-49624 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cancelid' parameter of the materialbill.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2024-13776 · Billing · Billing
Name of the Vulnerable Software and Affected Versions: Billing Software version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the bank details parameter of the "party submit.php" resource does not validate the characters received, and th...
PT-2024-13771 · Billing · Billing
Name of the Vulnerable Software and Affected Versions: Billing Software version 1.0 Description: The issue is related to multiple Unauthenticated SQL Injection vulnerabilities. The 'cancelid' parameter of the "material bill.php" resource does not validate the characters received and they are sent...
PT-2024-13979 · Unknown · Travel Website
Name of the Vulnerable Software and Affected Versions: Travel Website version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the hotelIDHidden parameter of the "booking.php" resource does not validate the characters received, and they are...
CVE-2023-49689
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database...
SQL injection
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2023-31295 · Unknown · Job Portal
Name of the Vulnerable Software and Affected Versions: Job Portal version 1.0 Description: The issue concerns an Unauthenticated SQL Injection vulnerability. Specifically, the txtTotal parameter of the "Employer/InsertWalkin.php" resource does not validate the characters received, and they are se...
CVE-2023-49689
Job Portal v1.0 is affected by multiple unauthenticated SQL injection vulnerabilities in the Employer/DeleteJob.php resource, caused by the JobId parameter not validating input and sending characters unfiltered to the database. This CVE (CVE-2023-49689) is documented across NVD, CVE.org, and rela...
CVE-2023-49689 Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49688 Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49686
CVE-2023-49686 is withdrawn per the initial description, but connected sources describe a separate issue affecting Job Portal 1.0. The vulnerability is an Unauthenticated SQL Injection in the Job Portal’s Employer/InsertWalkin.php where the txtTotal parameter is sent unfiltered to the database. T...
CVE-2023-49681
CVE-2023-49681 affects Job Portal v1.0, with multiple unauthenticated SQL Injection vulnerabilities in the parameter cmbQual of the resource Employer/InsertWalkin.php. The input is not validated and is sent unfiltered to the database, enabling potential data exposure or modification. According t...
CVE-2023-49681 Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49678
CVE-2023-49678 is linked to a disclosed issue described in PT-2023-31286: Job Portal version 1.0 contains an unauthenticated SQL Injection vulnerability. The vulnerable component is the Employer/InsertJob.php resource, where the txtDesc parameter is not validated and its data is sent unfiltered t...
CVE-2023-49677 Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49677
CVE-2023-49677 affects Job Portal v1.0. The vulnerability is multiple unauthenticated SQL injection in the Employer/InsertJob.php resource, caused by lack of validation/filtering of the cmbQual parameter, which is sent unfiltered to the database. Impact is high (per CVSS 3.1: Critical, with Confi...
CVE-2023-48722
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'classname' parameter of the addresults.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-48689
Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'byname' parameter of the train.php resource does not validate the characters received and they are sent unfiltered to the database...