173 matches found
CVE-2022-3395 WP All Export Pro < 1.7.9 - Authenticated SQLi
The WP All Export Pro WordPress plugin before 1.7.9 uses the contents of the ccsql POST parameter directly as a database query, allowing users who have been given permission to run exports to execute arbitrary SQL statements, leading to a SQL Injection vulnerability. By default only users with t...
SAP NetWeaver J2EE Engine SQL Injection (CVE-2016-2386)
An SQL injection vulnerability exists in SAP NetWeaver J2EE Engine. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
Gin-Vue-Admin SQL Injection Vulnerability
Gin-Vue-Admin is a full-stack pre-development infrastructure platform based on Vue and Gin. Gin-Vue-Admin is vulnerable to SQL injection, which can be exploited by attackers to execute arbitrary SQL statements...
Elide SQL Injection Vulnerability
Elide is a Java library. Elide is vulnerable to SQL injection, which can be exploited by attackers to execute arbitrary SQL statements...
Citrix SD-WAN SQL Injection (CVE-2019-12989)
An SQL injection vulnerability exists in Citrix SD-WAN. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
PuneethReddyHC SQL Injection Vulnerability
PuneethReddyHC is an online shopping system. A SQL injection vulnerability exists in PuneethReddyHC, which can be exploited by attackers to execute arbitrary SQL statements via the p parameter in product.php...
Authentication flaw
The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements...
Design/Logic Flaw
A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements...
CVE-2021-27472 Rockwell Automation FactoryTalk AssetCentre SQL Injection
A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements...
WordPress WP Statistics Plugin SQL Injection (CVE-2022-25148)
An SQL injection vulnerability exists in WordPress WP Statistics Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
WordPress WP_Query SQL Injection (CVE-2022-21661)
An SQL injection vulnerability exists in WordPress WP_Query. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
SQL injection
A vulnerability has been identified in COMOS V10.2 All versions only if web components are used, COMOS V10.3 All versions V10.3.3.3 only if web components are used, COMOS V10.4 All versions V10.4.1 only if web components are used. The COMOS Web component of COMOS is vulnerable to SQL injections...
CVE-2021-40842
Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console. The vulnerability exists due to improper input validation on the database name parameter required in certain unauthenticated APIs. A malicious URL visited by anyone with network access to the...
PHPGurukul Apartment Visitors Management System SQL Injection Vulnerability
PHPGurukul Apartment Visitors Management System is an apartment visitor management system from the PHPGurukul team. A SQL injection vulnerability exists in PHPGurukul Apartment Visitors Management System version 1.0, which could be exploited by attackers to...
WordPress WooCommerce Plugin SQL Injection
An SQL injection vulnerability exists in WordPress WooCommerce Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
PHPGurukul Student Record System SQL Injection Vulnerability (CNVD-2022-58222)
PHPGurukul Student Record System is an application. Version 4.0 of the PHPGurukul Student Record System is vulnerable to SQL injection. The vulnerability stems from a lack of validation of externally supplied SQL statements in the id parameter of edit-std.php, which can be exploited by remote...
PHPGurukul Student Record System SQL Injection Vulnerability
PHPGurukul Student Record System is an application that is vulnerable to SQL injection. The vulnerability stems from a lack of validation of externally supplied SQL statements in the cid parameter of edit-course.php, which can be exploited by remote attackers to execute arbitrary SQL...
PHPGurukul Student Record System SQL Injection Vulnerability (CNVD-2022-58221)
PHPGurukul Student Record System is an application. A SQL injection vulnerability exists in PHPGurukul Student Record System version 4.0, which stems from the lack of validation of externally entered SQL statements in the sid parameter of edit-sub.php, and can be exploited by remote attackers to...
SQL injection
SQL injection vulnerability in Learning Management System v 1.0 allows remote attackers to execute arbitrary SQL statements through the id parameter to obtain sensitive database information...
Sourcecodester Alumni Management System SQL Injection Vulnerability
Sourcecodester Alumni Management System is a PHP- and MySQL-based alumni management system from Sourcecodester, Inc. SourceCodester Alumni Management System version 1.0 is vulnerable to SQL injection, which remote attackers can exploit to execute arbitrary SQL statements via...