224 matches found
Netgate pfSense CE 安全漏洞
Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from the start-day parameter not validating as a...
Beauty Parlour Management System edit-services.php File SQL Injection Vulnerability
Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in t...
Apartment Management System add_maintenance_cost.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements for parameter ID in file /maintenance/addmaintenancecost.php. An attacker can exploit thi...
Apartment Management System add_owner_utility.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /ownerutility/addownerutility.php. An attacker can exploit...
Job Diary edit-details.php file SQL Injection Vulnerability
Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ID in the file /edit-details.php. An attacker can exploit this vulnerability to execute illegal SQL commands to stea...
Sourceforge Phptax 安全漏洞
Sourceforge Phptax is an open source tax calculator from Sourceforge. A security vulnerability exists in Sourceforge Phptax version 0.8, which stems from the pfilez parameter being passed unvalidated directly to the exec function, which could lead to remote code execution...
Vehicle Management filter2.php File SQL Injection Vulnerability
Vehicle Management is a vehicle management system. Vehicle Management suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter from in the file /filter2.php. An attacker can exploit this vulnerability to execute illega...
Wazifa System postpublish.php File SQL Injection Vulnerability
Wazifa System is a content management system. Wazifa System suffers from a SQL injection vulnerability that originates from the lack of validation of the parameter post in the file /controllers/postpublish.php against externally entered SQL statements. An attacker can exploit this vulnerability t...
Kloxo 安全漏洞
Kloxo is an open source hosting platform from LxCenter. A security vulnerability exists in Kloxo versions prior to 6.1.12 that stems from an unvalidated login-name parameter, which could lead to SQL injection and remote command execution...
Human Resource Management System 跨站脚本漏洞
Human Resource Management System is a human resource management system by maverickosama Individual Developer. A cross-site scripting vulnerability exists in Human Resource Management System version 1.0, which stems from an unvalidated employeeid parameter and could lead to a reflective cross-site...
WeGIA SQL Injection Vulnerability
WeGIA is a web manager for welfare organizations. WeGIA suffers from an SQL injection vulnerability that originates from the unvalidated parameter idatendido in file /html/atendido/ProfileAtendido.php, which can be exploited by an attacker to execute illegal SQL commands to steal sensitive databa...
Voting System positions_add.php file SQL Injection Vulnerability
Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter description in file /admin/positionsadd.php. An attacker can exploit this vulnerability to execute illega...
WeGIA SQL Injection Vulnerability (CNVD-2025-17291)
WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from a lack of validation of the idfuncionario parameter against externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...
Library System student-issue-book.php File SQL Injection Vulnerability
Library System is a library system. The Library System suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter reg in the file /student-issue-book.php. An attacker can exploit this vulnerability to execute illeg...
WeGIA SQL注入漏洞
WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements by the almox parameter. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive databa...
Simple forum register1.php file SQL Injection Vulnerability
Simple forum is a simple forum. Simple forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter User in the file /register1.php. An attacker can exploit this vulnerability to execute illegal SQL commands to...
Daily Expense Manager User Enumeration Vulnerability
Daily Expense Manager is a daily expense management system. Daily Expense Manager suffers from a user enumeration vulnerability that stems from the unvalidated parameter name in the file /check.php, no details of the vulnerability are available at this time...
Student Record System manage-students.php File SQL Injection Vulnerability
Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter del in the file /manage-students.php. An attacker can exploit this vulnerability to...
Code-Projects Daily Expense Manager 安全漏洞
Daily Expense Manager is a daily expense management system. Daily Expense Manager suffers from a user enumeration vulnerability that stems from the unvalidated parameter name in the file /check.php, no details of the vulnerability are available at this time...
Online Shoe Store admin_index.php File SQL Injection Vulnerability
Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of the parameter Username in the file /admin/adminindex.php for externally entered SQL statements. An attacker can exploit this vulnerability ...