3 matches found
CVE-2025-51968
A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing attackers to inject arbitrary SQL expressions...
The vulnerability in the action.php web application used for creating medical certificates in the Medical Certificate Generator App allows a violator to execute arbitrary SQL code.
The vulnerability of the action.php web application used for creating medical certificates in the Medical Certificate Generator App is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL code remotely...
CVE-2012-5642
server/action.py in Fail2ban before 0.8.8 does not properly handle the content of the matches tag, which might allow remote attackers to trigger unsafe behavior in a custom action file via unspecified symbols in this content...