13181 matches found
CVE-2024-37872
SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter...
Payroll Management System 安全漏洞
Payroll Management System is a payroll management system. A SQL injection vulnerability exists in Payroll Management System version 1.0, which stems from the application's lack of validation of externally entered SQL statements. A remote attacker can exploit this vulnerability to execute arbitrar...
CVE-2024-37871
SQL injection vulnerability in login.php in Itsourcecode Online Discussion Forum Project in PHP with Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the email parameter...
Online Discussion Forum Security Vulnerabilities
Online Discussion Forum is a forum website. A security vulnerability exists in Online Discussion Forum version 1.0, which originates from a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via email parameters...
CVE-2024-37873
CVE-2024-37873 describes an SQL injection in the Itsourcecode Payroll Management System Project In PHP With Source Code 1.0, through the id parameter of view_payslip.php. The root cause is unsafely constructed SQL statements allowing remote attackers to inject arbitrary SQL. Affects: view_payslip...
CVE-2024-37872
SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter...
The vulnerability of the add-expense.php script of the Daily Expenses Management System allows a perpetrator to execute arbitrary SQL commands.
The vulnerability of the add-expense.php file in the Daily Expenses Management System is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary SQL commands using specially created POST...
CVE-2024-29390
Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend database. This can be done...
CVE-2024-37840
SQL injection vulnerability in processscore.php in Itsourcecode Learning Management System Project In PHP With Source Code v1.0 allows remote attackers to execute arbitrary SQL commands via the LessonID parameter...
Boelter Blue System Management 1.3 - SQL Injection Vulnerability
Exploit Title: SQL Injection Vulnerability in Boelter Blue System Management version 1.3 Google Dork: inurl:"Powered by Boelter Blue" Exploit Author: CBKB DeadlyData, R4d1x Vendor Homepage: https://www.boelterblue.com Software Link:...
WordPress Plugin "Music Store - WordPress eCommerce" vulnerable to SQL injection
Overview WordPress Plugin "Music Store - WordPress eCommerce" provided by CodePeople contains an SQL injection vulnerability CWE-89. Daiki Sato of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
The vulnerability in the projets.php script of the SOPlanning CMS system allows a hacker to execute arbitrary SQL queries.
The vulnerability of the projets.php script within the SOPlanning CMS system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
SQL Injection
terminal42/contao-tablelookupwizard is vulnerable to SQL Injection. The vulnerability is caused by insufficient sanitization of widget values before they are passed to the database, which allows an attacker to execute arbitrary SQL commands...
CVE-2024-35469
A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter...
CVE-2024-35468
A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter...
CVE-2024-35468
A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter...
Human Resource Management System security breach
Human Resource Management System is a human resource management system by maverickosama Personal Developer. A security vulnerability exists in SourceCodester Human Resource Management System version 1.0, which originates from a SQL injection vulnerability that allows an attacker to execute...
CVE-2024-33402
A SQL injection vulnerability in /model/approvepettycash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33808
A SQL injection vulnerability in /model/gettimetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33804
A SQL injection vulnerability in /model/getsubject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...