13181 matches found

Cvelist
added 2022/01/24 3:54 p.m. | 15 views

CVE-2021-41472

SQL injection vulnerability in Sourcecodester Simple Membership System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password parameters...

AI score 10 | EPSS 0.01254
Exploits: 1 | References: 1

Cvelist
added 2022/01/24 3:34 p.m. | 15 views

CVE-2021-41471

SQL injection vulnerability in Sourcecodester South Gate Inn Online Reservation System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the email and Password parameters...

AI score 10 | EPSS 0.01228
Exploits: 1 | References: 1

EUVD
added 2022/01/24 2:54 p.m. | 4 views

EUVD-2021-28063

SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter...

CVSS 9.8 | AI score 10 | EPSS 0.02534
Exploits: 1 | References: 1

CNNVD
added 2022/01/24 12:00 a.m. | 1 views

South Gate Inn Online Reservation System SQL Injection Vulnerability

South Gate Inn Online Reservation System is a hotel online reservation system by Janobe Individual Developer. A security vulnerability exists in South Gate Inn Online Reservation System, which originated in Sourcecodester South Gate Inn Online Reservation System v1 by oretnom23, and can be...

CVSS 9.8 | AI score 8.8 | EPSS 0.01228
Exploits: 1 | References: 2

CNNVD
added 2022/01/24 12:00 a.m. | 4 views

Sourcecodester Purchase Order Management System SQL Injection Vulnerability

Sourcecodester Purchase Order Management System is a simple purchase order management system used to manage the purchase order records of a particular company. SQL injection vulnerability exists in Sourcecodester Purchase Order Management System, which Sourcecodester Purchase Order Management...

CVSS 9.8 | AI score 6.1 | EPSS 0.02534
Exploits: 1 | References: 2

Prion
added 2022/01/21 8:15 p.m. | 13 views

SQL injection

SQL injection vulnerability in Sourcecodester Online Leave Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /leavesystem/classes/Login.php...

CVSS 7.5 | AI score 9.8 | EPSS 0.01356
Exploits: 1 | References: 2 | Affected Software: 1

CNNVD
added 2022/01/20 12:00 a.m. | 2 views

Online Reviewer System SQL Injection Vulnerability

Online Reviewer System is a software application. An Online Reviewer System. A SQL injection vulnerability exists in Online Reviewer System, which originates from the product's password parameter not effectively filtering user input data for special characters. The vulnerability can be exploited ...

CVSS 9.8 | AI score 8.7 | EPSS 0.0111
Exploits: 1 | References: 2

NVD
added 2022/01/11 8:15 p.m. | 13 views

CVE-2021-43971

A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to execute arbitrary SQL commands via the filterText parameter...

CVSS 8.8 | EPSS 0.01744
Exploits: 1 | References: 3

Prion
added 2022/01/11 12:15 p.m. | 22 views

SQL injection

A vulnerability has been identified in COMOS V10.2 All versions only if web components are used, COMOS V10.3 All versions V10.3.3.3 only if web components are used, COMOS V10.4 All versions V10.4.1 only if web components are used. The COMOS Web component of COMOS is vulnerable to SQL injections...

CVSS 6 | AI score 8.8 | EPSS 0.00816
Exploits: 0 | References: 1 | Affected Software: 1

Check Point Advisories
added 2021/12/21 12:00 a.m. | 7 views

Hotel Druid SQL Injection (CVE-2021-37832)

An SQL injection vulnerability exists in Hotel Druid. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5 | AI score 4.6 | EPSS 0.04102
Exploits: 3

CNVD
added 2021/12/17 12:00 a.m. | 13 views

Enalean Tuleap SQL Injection Vulnerability (CNVD-2021-103507)

Enalean Tuleap is a set of open source software development and project management tools from the French company Enalean. The tool provides enterprise application lifecycle management, as well as project tracking, source code management and team collaboration. Enalean Tuleap is vulnerable to SQL...

CVSS 8.8 | AI score 3 | EPSS 0.01544
Exploits: 0 | References: 1

OSV
added 2021/12/15 8:15 p.m. | 16 views

CVE-2021-43806

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly user settings when constructing the SQL query to browse and search commits in the CVS repositories. An authenticated malicious user with...

CVSS 8.8 | AI score 7.5
Exploits: 0 | References: 4

CNVD
added 2021/12/12 12:00 a.m. | 17 views

Genesys Intelligent Workload Distribution SQL Injection Vulnerability (CNVD-2022-05704)

Genesys Intelligent Workload Distribution is an application from Genesys, Inc. Genesys intelligent Workload Distribution is vulnerable to SQL injection in 9.0.013.11, which can be exploited by attackers to execute arbitrary SQL queries via the "ql expression" parameter to execute arbitrary SQL...

CVSS 7.2 | AI score 6.5 | EPSS 0.01682
Exploits: 2 | References: 1

CNVD
added 2021/12/09 12:00 a.m. | 15 views

PayPal Free Source Code has an unspecified vulnerability

PayPal Free Source Code is an online registration management system. A security vulnerability exists in PayPal Free Source Code 1.0 online registration management system, which allows attackers to obtain sensitive information and execute arbitrary SQL commands via the IDNO parameter...

CVSS 7.2 | AI score 6.4 | EPSS 0.01477
Exploits: 1 | References: 1

OSV
added 2021/12/08 3:15 p.m. | 1 views

CVE-2021-40860

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the qlexpression parameter, with which all data in the database can be extracted and OS command execution is possible...

CVSS 7.2 | AI score 7.4 | EPSS 0.01682
Exploits: 2 | References: 2

NVD
added 2021/12/08 3:15 p.m. | 10 views

CVE-2021-40861

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is possible depending on the...

CVSS 7.2 | EPSS 0.01682
Exploits: 1 | References: 2

Prion
added 2021/12/08 3:15 p.m. | 11 views

SQL injection

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the qlexpression parameter, with which all data in the database can be extracted and OS command execution is possible...

CVSS 6.5 | AI score 7.6 | EPSS 0.01682
Exploits: 2 | References: 2 | Affected Software: 1

Cvelist
added 2021/12/08 2:58 p.m. | 9 views

CVE-2021-40861

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is possible depending on the...

AI score 7.9 | EPSS 0.01682
Exploits: 1 | References: 2

Cvelist
added 2021/12/08 2:45 p.m. | 10 views

CVE-2021-40860

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the qlexpression parameter, with which all data in the database can be extracted and OS command execution is possible...

AI score 7.9 | EPSS 0.01682
Exploits: 1 | References: 2

CVE
added 2021/12/07 9:13 p.m. | 39 views

CVE-2021-40578

CVE-2021-40578 affects PayPal Free Source Code 1.0 Online Enrollment Management System. The vulnerability is an Authenticated Blind & Error-based SQL injection via the IDNO parameter, enabling an attacker with valid credentials to access sensitive data and execute arbitrary SQL commands. Document...

CVSS 7.2 | AI score 7.4 | EPSS 0.01477
Exploits: 1 | References: 3 | Affected Software: 1