CSCMS Music Portal System SQL Injection Vulnerability
CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. A SQL injection vulnerability exists in the CSCMS Music Portal System due to a lack of validation of the id parameter of /admin.php/user/zudel against externally entered SQL...
Piwigo SQL Injection Vulnerability
Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. A SQL injection vulnerability exists in Piwigo version 11.5.0, which stems from a lack of validation of the id parameter in admin.php...
SQL injection
SQL Injection vulnerability in admin/batchmanager.php in Piwigo v2.9.5, via the filtercategory parameter to admin.php?page=batchmanager...
CVE-2020-19217
SQL Injection vulnerability in admin/batchmanager.php in Piwigo v2.9.5, via the filtercategory parameter to admin.php?page=batchmanager...
CVE-2020-19216
This CVE (CVE-2020-19216) affects Piwigo 2.9.5, where an SQL injection exists in admin/user_perm.php triggered via the cat_false parameter in admin.php?page=group_perm. The root cause is an injection vulnerability in the admin permission management flow, allowing potentially unauthorized access t...
CVE-2022-27413
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php...
SQL injection
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php...
CVE-2022-27413
CVE-2022-27413 affects Hospital Management System v1.0, with a SQL injection vulnerability in admin.php via the adminname parameter. Multiple sources (NVD, CNVD, Red Hat advisory entries and others) corroborate the flaw exists in the same component. CVSS metrics from NVD indicate high to critical...
Hospital Management System SQL Injection Vulnerability
Hospital Management System is a hospital management system. A SQL injection vulnerability exists in Hospital Management System v1.0, which includes modules for patient information management, appointment services, and financial management. The vulnerability is related to the lack of validation of...
CVE-2022-28527
dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del...
CVE-2022-27429
Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html...
CVE-2022-27429
CVE-2022-27429 affects Jizhicms v1.9.5 with a Server-Side Request Forgery (SSRF) via /admin.php/Plugins/update.html. Root cause is an SSRF in the update handler; CVSS metrics indicate high severity (CVSS‑2.0 7.5 HIGH; CVSS‑3.1 9.8 CRITICAL). The provided connected documents do not include any rem...
Sourcecodester Baby Care System SQL Injection Vulnerability (CNVD-2022-35535)
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin.php?id=posts...
Sourcecodester Baby Care System SQL Injection Vulnerability (CNVD-2022-35533)
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability, which originates from /admin.php?id=siteoptions&social=edit&sid=insid parameter missing validation of external input...
Sourcecodester Baby Care System SQL Injection Vulnerability (CNVD-2022-35532)
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates from the lack of validation of external input SQL statements in the setid parameter in...
SQL injection
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=display&value=0&sid=2...
SQL injection
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=edit&sid=2...
SQL injection
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via BabyCare/admin.php?id=theme&setid=...
CVE-2022-28432
The CVE-2022-28432 entry concerns Baby Care System v1.0 with a SQL injection vulnerability exploitable via /admin.php?id=siteoptions&social=display&value=0&sid=2. Public sources describe that the vulnerability arises from missing validation of external input in the SQL statement, enabling potenti...