PHPGurukul e-Diary Management System 注入漏洞

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /manage-notes.php. An attacker can...

WordPress Shuffle plugin SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Shuffle plugin suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements. An attacker can exploit this...

Apartment Visitors Management System mobilenumber parameter SQL Injection Vulnerability

Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter mobilenumber of file /admin-profile.php...

Modern Bag login.php File SQL Injection Vulnerability

Modern Bag is an online management system. Modern Bag suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameters userEmail/userPassword in the /login.php file. An attacker can exploit this vulnerability to execute...

Mingyuan Cloud Real Estate ERP System 注入漏洞

Mingyuan Cloud Real Estate ERP System is a real estate business management software from China-based Mingyuan Cloud. An injection vulnerability exists in Mingyuan Cloud Real Estate ERP System version 1.0, which originates from SQL injection and could allow a remote attacker to obtain, update, and...

WordPress Hero Mega Menu plugin SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

PHPGurukul Apartment Visitors Management System 注入漏洞

Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the editid parameter of file /visitor-detail.php. An...

PHPGurukul Online Shopping Portal 注入漏洞

Online Shopping Portal is an online store. Online Shopping Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the product-details.php file. An attacker can exploit this vulnerability to execute illegal SQL commands to ste...

Mattermost SQL Injection Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a SQL injection vulnerability that stems from the use of uncompiled statements, which can be exploited by an attacker to retrieve database data via a specially designed sorting...

WordPress plugin Legoeso PDF Manager SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

Quanxun School Affairs System 安全漏洞

Quanxun School Affairs System is a school affairs system from Quanxun. A security vulnerability exists in Quanxun School Affairs System. An attacker can exploit the vulnerability to view specific pages and obtain database information as well as plaintext administrator credentials...

Student Grading System SQL Injection Vulnerability (CNVD-2025-03172)

Student Grading System is a student grading system. A SQL injection vulnerability exists in Student Grading System version 1.0, which stems from a lack of validation of externally entered SQL statements in the parameter id of the file /viewstudents.php. An attacker can exploit this vulnerability ...

WordPress Plugin WPMU Prefill Post SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists in WordPress plugin WPMU Prefill Post version 1.02 and earlier...

Smarts Smart Agent interface.php Page SQL Injection Vulnerability

Smarts Smart Agent is a powerful, flexible and scalable tool from Smarts for monitoring wireless network performance and services from the end user's perspective. An SQL injection vulnerability exists in Smarts Smart Agent v1.1.0, which stems from a lack of validation of externally entered SQL...

Smarts Smart Agent 安全漏洞

Smarts Smart Agent is a powerful, flexible and scalable tool from Smarts for monitoring wireless network performance and services from the end user's perspective. An SQL injection vulnerability exists in Smarts Smart Agent v1.1.0, which stems from a lack of validation of externally entered SQL...

Apache Traffic Control SQL Injection Vulnerability

Apache Traffic Control is the United States Apache Apache Foundation's set of distributed , scalable content delivery solutions. The product is mainly used to build large-scale content delivery network. Apache Traffic Control suffers from a SQL injection vulnerability that stems from a lack of...

Dell Avamar SQL Injection Vulnerability (CNVD-2024-49614)

Dell Avamar is a purpose-built backup application from Dell, Inc. It is designed to provide a conveniently sized, turnkey, affordable, deduplicated backup solution. Dell Avamar suffers from a SQL injection vulnerability that arises from an improper neutralization of special elements used in SQL...

JetBrains YouTrack Information Disclosure Vulnerability

JetBrains YouTrack is a project management tool developed by JetBrains that supports cloud hosting and local deployment. JetBrains YouTrack suffers from an information disclosure vulnerability that can be exploited by an attacker to obtain database data...

CVE-2024-51165

SQL injection vulnerability in JEPAAS7.2.8, via /je/rbac/rbac/loadLoginCount in the dateVal parameter, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB...

JEPaaS 安全漏洞

JEPaaS is a rapid development platform from China's Kate Weiye JEPaaS. A security vulnerability exists in JEPaaS version 7.2.8. An attacker exploiting the vulnerability can retrieve all information stored in the database...