4673 matches found
CVE-2021-24185 Tutor LMS < 1.7.7 - SQL Injection via tutor_place_rating
The tutor_place_rating AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students...
School Registration And Fee System 1.0 SQL Injection Vulnerability
Exploit Title: School Registration and Fee System | 'username ' Blind SQL Injection Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/10932/school-registration-and-fee-system.html Version: 1.0 Tested On: Windows 10 Hom...
School Registration And Fee System 1.0 SQL Injection
Exploit Title: School Registration and Fee System | 'username ' Blind SQL Injection Exploit Author: Richard Jones Date: 01-04-2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/10932/school-registration-and-fee-system.html Version: 1.0 Tested O...
Mail.ru: Blind SQL in id_locality GET param on [city-mobil.ru/taxiserv]
SQL injection in city-mobil.ru/taxiserv due to unsafe usage of GET parameter...
CVE-2021-27316
Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via lastname parameter...
SQL injection
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter...
SQL injection
Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via lastname parameter...
SQL injection
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter...
SQL injection
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via email parameter...
CVE-2021-27320
Doctor Appointment System 1.0 is affected by a Blind SQL Injection in contactus.php, exploitable via the firstname parameter by an unauthenticated attacker. The issue arises from improper input handling that allows arbitrary SQL execution, with potential data access/manipulation as described in m...
CVE-2021-27319
Summary: CVE-2021-27319 = Blind SQL injection in Doctor Appointment System 1.0, in contactus.php. An unauthenticated attacker can inject SQL through the email parameter, enabling arbitrary queries and potential data exposure/manipulation through the database. Affected software/component: Doctor A...
CVE-2021-27316
Doctor Appointment System 1.0 is affected by a Blind SQL Injection in contactus.php, exploitable by unauthenticated users via the lastname parameter. The CVE entry (CVE-2021-27316) is supported by multiple sources (NVD/Nuclei/RH/others) describing the vulnerability as SQL injection that could all...
CVE-2021-27316
Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via lastname parameter...
CVE-2021-27315
Doctor Appointment System 1.0 is affected by a Blind SQL injection in contactus.php, exploitable via the comment parameter. The root cause is lack of input validation on the comment field, allowing an unauthenticated attacker to inject and execute arbitrary SQL commands. Impact described includes...
CVE-2021-27315
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter...
Exploit for SQL Injection in Icegram Email_Subscribers_&_Newsletters
CVE-2019-20361-EXPLOIT There was a flaw in the WordPress plugi...
SEO Panel 4.8.0 - (order_col) Blind SQL Injection Vulnerability
Exploit Title: SEO Panel 4.8.0 - 'order_col' Blind SQL Injection Exploit Author: Piyush Patil Vendor Homepage: https://www.seopanel.org/ Software Link: https://github.com/seopanel/Seo-Panel/releases/tag/4.8.0 Version: 4.8.0 Reference - https://github.com/seopanel/Seo-Panel/issues/209 Step 1 - Logi...
SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (1)
Exploit Title: SEO Panel 4.8.0 - 'order_col' Blind SQL Injection 1 Date: 17/02/2021 Exploit Author: Piyush Patil Vendor Homepage: https://www.seopanel.org/ Software Link: https://github.com/seopanel/Seo-Panel/releases/tag/4.8.0 Version: 4.8.0 Reference -...
PT-2021-17861 · Seo Panel · Seo Panel
Name of the Vulnerable Software and Affected Versions: SEO Panel version 4.8.0 Description: The issue concerns a time-based blind SQL injection vulnerability in the order_col parameter of the archive.php file. This vulnerability allows an attacker to retrieve all databases. Recommendations: For S...
wpDataTables < 3.4.2 - Blind SQL Injection via start Parameter
The plugin allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=getwdtableid=1, on the 'start' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain...