CVE-2013-4717

CVE-2013-4717 documents multiple SQL injection vulnerabilities in Open Ticket Request System (OTRS) Help Desk. Affected releases: OTRS 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9. Vulnerability arises from improper handling in modules Kernel/Output/HTML/PreferencesCustomQueue...

CVE-2013-4717

Multiple SQL injection vulnerabilities in Open Ticket Request System OTRS Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Kernel/Output/HTML/PreferencesCustomQueue.pm,...

CVE-2021-37557

A SQL injection vulnerability in image generation in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote authenticated but low-privileged attackers to execute arbitrary SQL commands via the include/views/graphs/generateGraphs/generateImage.php index parameter...

Fortinet FortiPortal SQL注入漏洞

Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi, and FortiAP product lines that can be used as a virtual machine for MSPs. vulnerability, which stems from the product's failure to adequately clean...

WordPress WooCommerce Plugin SQL Injection

An SQL injection vulnerability exists in WordPress WooCommerce Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

Exploit for SQL Injection in Virtuasoftware Cobranca

My CVEs Collection of PoC to my C...

CVE-2021-32789 Arbitrary SQL (SQL injection) possible via the Store API component.

woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be...

PHPGurukul Student Record System SQL Injection Vulnerability (CNVD-2022-58222)

PHPGurukul Student Record System is an application that is vulnerable to SQL injection in version 4.0 of the PHPGurukul Student Record System. The vulnerability stems from a lack of validation of external input SQL statements in the id parameter of edit-std.php, which can be exploited by remote...

PHPGurukul Student Record System SQL注入漏洞

PHPGurukul Student Record System is an application that is vulnerable to SQL injection. The vulnerability stems from a lack of validation of external input SQL statements in the cid parameter of edit-course.php, which can be exploited by remote attackers to through to execute arbitrary SQL...

PHPGurukul Student Record System SQL Injection Vulnerability (CNVD-2022-58221)

PHPGurukul Student Record System is an application. A SQL injection vulnerability exists in PHPGurukul Student Record System version 4.0, which stems from the lack of validation of externally entered SQL statements in the sid parameter of edit-sub.php, and can be exploited by remote attackers to...

Sql injection

SQL injection vulnerability in Learning Management System v 1.0 allows remote attackers to execute arbitrary SQL statements through the id parameter to obtain sensitive database information...

Sourcecodester Alumni Management System SQL Injection Vulnerability

Sourcecodester Alumni Management System is a Php, Mysql-based alumni management system from Sourcecodester, Inc. SourceCodester Alumni Management System version 1.0 is vulnerable to SQL injection, which allows remote attacker can exploit this vulnerability to execute arbitrary SQL statements via...

Sourcecodester Simple College Website SQL Injection Vulnerability

Sourcecodester Simple College Website is a Sourcecodester open source application. A content management system. SourceCodester Simple College Website v 1.0 is vulnerable to SQL injection, which can be exploited by remote attackers to execute arbitrary SQL statements against news.php via the id...

SourceCodester Fantastic Blog CMS SQL Injection Vulnerability

SourceCodester Fantastic Blog CMS is an application. Absolutely brilliant web content management system for blogs/posts. SourceCodester Fantastic Blog CMS has a security vulnerability that can be exploited by attackers to execute arbitrary SQL statements via the id parameter to category.php...

SourceCodester Sales and Inventory System SQL Injection Vulnerability

Bakeshop Inventory System is a bakery inventory management system. sourceCodester Sales and Inventory System has a security vulnerability that can be exploited by remote attackers to execute arbitrary SQL statements via the id parameter to ahiraadmin Inventory . php...

CASAP Automated Enrollment SQL Injection Vulnerability (CNVD-2021-57782)

CASAP Automated Enrollment is an automated enrollment system for the CASAP organization in the United States. The purpose of the project is to provide CASAP with an automated enrollment system to streamline the school process and make it more effective, efficient and easy to retrieve...

CASAP Automated Enrollment SQL Injection Vulnerability (CNVD-2021-57785)

CASAP Automated Enrollment is an automated enrollment system for the CASAP organization. The goal of this project is to provide CASAP with an automated enrollment system to streamline the school's processes and make them more effective, efficient and easily retrievable. SourceCodester Alumni...

CVE-2021-25205

SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php...

Sql injection

SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the catid parameter to subcat.php...

Sql injection

SQL injection vulnerability in SourceCodester Theme Park Ticketing System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to viewuser.php...