403 matches found
Church Management System SQL Injection Vulnerability
Church Management System is a church management system. A SQL injection vulnerability exists in version 1.0 of the Church Management System, in the na parameter of the /admin/addTithes.php file...
Church Management System SQL Injection Vulnerability
Church Management System is a church management system. A SQL injection vulnerability exists in version 1.0 of the Church Management System, in the password parameter of the /admin/index.php file...
Netentsec NS-ASG Application Security Gateway SQL Injection Vulnerability
NetentSec NS-ASG Application Security Gateway is an application security gateway from China NetentSec. A SQL injection vulnerability exists in Netentsec NS-ASG Application Security Gateway version 6.3, in the parameter TunnelId in the file...
PT-2024-23859 · Webhood +1 · Webhood +1
Name of the Vulnerable Software and Affected Versions: Webhood versions 0.9.0 and earlier. Description: Webhood is a self-hosted URL scanner used for analyzing phishing and malicious sites. The vulnerability allows an unauthenticated attacker to send an HTTP request to the database Pocketbase admi...
PT-2024-25284 · Sourcecodester · Aplaya Beach Resort Online Reservation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Aplaya Beach Resort Online Reservation System version 1.0. Description: A critical issue was found in the system, affecting an unknown part of the file admin/mod roomtype/index.php. The manipulation of the id argument leads to S...
Computer Laboratory Management System SQL Injection Vulnerability
Computer Laboratory Management System is a computer laboratory management system. A SQL injection vulnerability exists in Computer Laboratory Management System version 1.0, in the parameter id of the file /admin/...
CVE-2024-30859
Netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/configISCGroupSSLCert.php...
Complete Online Beauty Parlor Management System /edit-services.php File SQL Injection Vulnerability
Complete Online Beauty Parlor Management System is an online beauty parlor management system. The Complete Online Beauty Parlor Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the editid parameter of th...
Complete Online Beauty Parlor Management System /forgot-password.php File SQL Injection Vulnerability
Complete Online Beauty Parlor Management System is an online beauty parlor management system. The Complete Online Beauty Parlor Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the email parameter of the...
CVE-2024-2669
A vulnerability was found in Campcodes Online Job Finder System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/employee/controller.php of the component GET Parameter Handler. The manipulation of the argument EMPLOYEEID leads to SQL injection. The...
CVE-2024-2530
A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/update-rooms.php. The manipulation of the argument id leads to cross-site scripting. The attack may be initiate...
Online-College-Event-Hall-Reservation-System SQL Injection Vulnerability
Online-College-Event-Hall-Reservation-System is an online college event hall reservation system by individual developer Magesh K. It is designed to automate the hall booking process to eliminate manual logging and increase efficiency. Online-College-Event-Hall-Reservation-System suffers from a SQL...
PT-2024-19571 · Unknown · Boyiddha Automated-Mess-Management-System
Name of the Vulnerable Software and Affected Versions: boyiddha Automated-Mess-Management-System version 1.0. Description: A critical issue affects the Setting Handler component of the system, specifically the /admin/index.php file, leading to improper access controls. The attack can be initiated...
GHSA-FFFG-CWC9-XVJ7 mongo-express Cross-site Request Forgery vulnerability
In mongo-express 1.0.2, /admin allows CSRF, as demonstrated by deletion of a Collection...
PT-2024-18633 · Netentsec · Netentsec Ns-Asg Application Security Gateway
Name of the Vulnerable Software and Affected Versions: Netentsec NS-ASG Application Security Gateway version 6.3. Description: A critical issue was found in the Netentsec NS-ASG Application Security Gateway. The problem affects an unknown function of the file /admin/list localuser.php. The...
SourceCodester Complete File Management System SQL Injection Vulnerability
Complete File Management System is a file management system by individual developer nelzkie15. A SQL injection vulnerability exists in SourceCodester Complete File Management System version 1.0, in the file /admin/ of the component admin Login For...
MTN Group: Improper Access Controls (Admin Path)
The vulnerability involved improper access controls that allowed the admin path "/wp-admin/admin-ajax.php" to be accessed on the "https://nin.mtn.ng/" website. This could have potentially allowed unauthorized access to sensitive information...
Engineers Online Portal SQL Injection Vulnerability
Engineers Online Portal is an open source online portal. It is developed using PHP, MySQL database, HTML, CSS, JavaScript, jQuery, Ajax, Bootstrap and some other libraries. A SQL injection vulnerability exists in SourceCodester Engineers Online Portal version 1.0, which stems from the parameter...
CVE-2023-7177
A vulnerability classified as critical was found in Campcodes Online College Library System 1.0. This vulnerability affects unknown code of the file /admin/bookadd.php of the component HTTP POST Request Handler. The manipulation of the argument category leads to SQL injection. The attack can be...
GHSA-GFHV-XXQJ-H323 Cross-Site Request Forgery in JFinalCMS via /admin/friend_link/update
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/update...