1128 matches found
ScienceLogic SL1 SQL Injection Vulnerability
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...
Simple Online Mens Salon Management System SQL Injection Vulnerability (CNVD-2023-65139)
Simple Online Mens Salon Management System is an open source men's salon management system. A SQL injection vulnerability exists in Simple Online Mens Salon Management System v1.0, which stems from the id parameter of the file /admin/?page=user/manageuser &id=3 lacking validation of...
CVE-2023-3743
Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the productoneimg parameter to retrieve the information stored in the database...
ChatEngine SQL Injection Vulnerability
ChatEngine is a Java web application. A SQL injection vulnerability exists in ChatEngine v1.0, which originates from the textMessage parameter of /src/chatbotapp/chatWindow.java that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...
ChatEngine SQL Injection Vulnerability
ChatEngine is a Java web application. A SQL injection vulnerability exists in ChatEngine v1.0, which originates from the textMessage parameter of /src/chatbotapp/chatWindow.java that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...
PT-2023-3472 · Ipswitch · Moveit Transfer
Name of the Vulnerable Software and Affected Versions: MOVEit Transfer versions prior to 2020.1.11 (12.1.11); MOVEit Transfer versions prior to 2021.0.9 (13.0.9); MOVEit Transfer versions prior to 2021.1.7 (13.1.7); MOVEit Transfer versions prior to 2022.0.7 (14.0.7); MOVEit Transfer versions prior to 2022.1...
CVE-2023-32115
An attacker can exploit MDS COMPARE TOOL and use specially crafted inputs to read and modify database commands, resulting in the retrieval of additional information persisted by the system...
Glitter Unicorn Wallpaper Security Vulnerability
Glitter Unicorn Wallpaper is a wallpaper application. A security vulnerability exists in Glitter Unicorn Wallpaper versions 7.0 through 8.0, which stems from a vulnerability that allows an unauthorized application to actively request permission to modify data in a database, which could be tampere...
Piwigo SQL Injection Vulnerability (CNVD-2023-41503)
Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. Piwigo suffers from an SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in t...
Lost and Found Information System index.php File SQL Injection Vulnerability
Lost and Found Information System is a lost and found information system. A SQL injection vulnerability exists in Lost and Found Information System v1.0, which originates from the parameter cid in the file items/index.php that lacks validation of externally entered SQL statements. An attacker can...
File Tracker Manager System SQL Injection Vulnerability
File Tracker Manager System is a file tracker manager system. File Tracker Manager System v1.0 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameter newpassword in the file register/updatepassword.php against externally entered SQL statements. A...
Service Provider Management System SQL Injection Vulnerability
Service Provider Management System is a web-based application by Carlo Montero, an individual developer. It is designed to provide dynamic websites for service provider companies. A SQL injection vulnerability exists in Service Provider Management System version 1.0, which is caused by an incorre...
Service Provider Management System SQL Injection Vulnerability (CNVD-2023-38189)
Service Provider Management System is a web-based application by Carlo Montero, an individual developer. It is designed to provide dynamic websites for service provider companies. A SQL injection vulnerability exists in Service Provider Management System version 1.0, which can be exploited by...
OURPHP SQL Injection Vulnerability
OURPHP is an open source, cross-platform, enterprise-level + e-commerce + applet + APP multi-terminal synchronization CMS site-building system. A SQL injection vulnerability exists in OURPHP version 7.2.0 and earlier versions. The vulnerability stems from the application's lack o...
Campcodes Coffee Shop POS System SQL Injection Vulnerability (CNVD-2023-38606)
Campcodes Coffee Shop POS System is a coffee shop POS system from Campcodes. Campcodes Coffee Shop POS System v1.0 suffers from a SQL injection vulnerability, which stems from a lack of validation of the parameter id of the file manageuser.php against externally-entered SQL statements, which can ...
Campcodes Coffee Shop POS System SQL Injection Vulnerability (CNVD-2023-38609)
Campcodes Coffee Shop POS System is a coffee shop POS system from Campcodes. A SQL injection vulnerability exists in Campcodes Coffee Shop POS System version 1.0, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
Campcodes Coffee Shop POS System SQL Injection Vulnerability (CNVD-2023-38605)
Campcodes Coffee Shop POS System is a coffee shop POS system from Campcodes. Campcodes Coffee Shop POS System v1.0 suffers from a SQL injection vulnerability, which stems from the lack of validation of the parameter id of the file managesale.php against external SQL input, which can be exploited ...
Campcodes Coffee Shop POS System SQL Injection Vulnerability (CNVD-2023-38607)
Campcodes Coffee Shop POS System is a coffee shop POS system from Campcodes. Campcodes Coffee Shop POS System v1.0 suffers from a SQL injection vulnerability, which stems from the lack of validation of external SQL input in the parameter id of the file viewproduct.php, which can be exploited by a...
Yoga Class Registration System SQL Injection Vulnerability
Yoga Class Registration System is a yoga class registration system. A SQL injection vulnerability exists in Yoga Class Registration System v1.0, which originates from the lack of validation of the cid parameter in /admin/login.php against external SQL input. An attacker can exploit this...
Campcodes Advanced Online Voting System SQL Injection Vulnerability (CNVD-2023-29415)
Campcodes Advanced Online Voting System is an online voting system. The Campcodes Advanced Online Voting System v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter description of the file /admin/positionsadd.ph...