1128 matches found

CNVD
added 2022/09/29 12:0 a.m., 17 views

EyesOfNetwork SQL Injection Vulnerability

EyesOfNetwork EON is an open source, free IT monitoring solution from the EyesOfNetwork community. The solution provides features such as a business process configuration tool, generating pop-up windows when events occur in the active queue, and more. EyesOfNetwork EON 5.3.11 and prior versions...

9.8 CVSS, 9.8 AI score, 0.00302 EPSS
Exploits: 0, References: 1

CNVD
added 2022/09/29 12:0 a.m., 47 views

Strapi SQL Injection Vulnerability

Strapi is an open source content management system (CMS). Versions of Strapi prior to 3.6.10 and 4.0.0 and later, and prior to 4.1.10, contain a SQL injection vulnerability that stems from its incorrect handling of hidden attributes in admin API responses. An attacker could exploit the vulnerabilit...

8.8 CVSS, 3.5 AI score, 0.00665 EPSS
Exploits: 2, References: 1

CNVD
added 2022/09/29 12:0 a.m., 19 views

Online Tours

Online Tours & Travels Management System is an online travel management system developed by Mayuri K. A SQL injection vulnerability exists in Online Tours & Travels Management System v1.0, which originates from /admin/update The id parameter of traveller.php lacks validation for external input SQ...

7.2 CVSS, 4.7 AI score, 0.00274 EPSS
Exploits: 1, References: 1

CNVD
added 2022/09/28 12:0 a.m., 17 views

Wedding Planner package_detail.php SQL Injection Vulnerability

Wedding Planner is a wedding planner program designed to provide users with an easy way to plan their wedding through a web application while using real data. Wedding Planner v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of the id parameter in...

9.8 CVSS, 9.8 AI score, 0.00264 EPSS
Exploits: 1, References: 1

CNVD
added 2022/09/28 12:0 a.m., 18 views

Online Leave Management System Master.php?f=delete_leave_type SQL Injection Vulnerability

Online Leave Management System is an online leave management system. A SQL injection vulnerability exists in Online Leave Management System v1.0, which originates from a lack of validation of external input SQL statements in /leavesystem/classes/Master.php?f=delete_leave_type. An attacker could use this...

7.2 CVSS, 3.4 AI score, 0.00274 EPSS
Exploits: 1, References: 1

CNVD
added 2022/09/28 12:0 a.m., 14 views

Online Leave Management System SQL Injection Vulnerability

Online Leave Management System is an online leave management system. A SQL injection vulnerability exists in Online Leave Management System v1.0, which originates from a lack of validation of externally entered SQL statements in /leavesystem/classes/Master.php?f=delete application. An attacker could use thi...

7.2 CVSS, 3.2 AI score, 0.00274 EPSS
Exploits: 1, References: 1

CNVD
added 2022/09/28 12:0 a.m., 13 views

Online Pet Shop We App Master.php?f=delete_order SQL Injection Vulnerability

Online Pet Shop We App is an online pet store web application by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Online Pet Shop We App version 1.0, which originates from a lack of validation of externally entered SQL statements in the...

7.2 CVSS, 7.5 AI score, 0.00218 EPSS
Exploits: 1, References: 1

CNNVD
added 2022/09/05 12:0 a.m., 3 views

Rails Code Issue Vulnerability

Rails is an open source web application framework based on the Ruby language, developed by the American Rails team. Rails has a security vulnerability that stems from the fact that when serialized columns that use YAML (the default) are deserialized, Rails uses YAML.unsafe_load to transform the YAML data...

9.8 CVSS, 7.5 AI score, 0.01944 EPSS
Exploits: 1, References: 8

CNVD
added 2022/08/31 12:0 a.m., 17 views

Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11174)

Ingredients Stock Management System is an ingredient stock management system by the personal developer Carlo Montero. Version 1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /admin/?page= reports/stockout&month= is missing validation of external...

8.8 CVSS, 3.1 AI score, 0.00325 EPSS
Exploits: 1, References: 1

CNVD
added 2022/08/31 12:0 a.m., 13 views

Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11175)

Ingredients Stock Management System is an ingredient stock management system by the personal developer Carlo Montero. Version 1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the month parameter of...

8.8 CVSS, 2.8 AI score, 0.00325 EPSS
Exploits: 1, References: 1

CNVD
added 2022/08/31 12:0 a.m., 14 views

Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11176)

Ingredients Stock Management System is an ingredient stock management system by the personal developer Carlo Montero. Version 1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /admin/?page= user/manageuser&id= is missing validation for external input SQ...

8.8 CVSS, 2.9 AI score, 0.00325 EPSS
Exploits: 1, References: 1

Cvelist
added 2022/08/29 12:0 a.m., 16 views

CVE-2022-22897

A SQL injection vulnerability in the productalloneimg and imageproduct parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data...

10 AI score, 0.91045 EPSS
Exploits: 3, References: 2

BDU FSTEC
added 2022/08/17 12:0 a.m., 0 views

The vulnerability of the TeamPass password manager, related to security configuration errors, allows a hacker to access information from the database.

The vulnerability of the TeamPass password manager is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain information from the database...

4.9 CVSS, 5.5 AI score
Exploits: 0, References: 1, Affected Software: 1

CNVD
added 2022/08/04 12:0 a.m., 11 views

Pharmacy Management System getproductreport.php SQL Injection Vulnerability

Pharmacy Management System MPMS is a multilingual pharmacy management system from the personal developer Mayuri K. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from the getproductreport.php startDate parameter in getproductreport.php lacks validation for...

9.8 CVSS, 2.9 AI score, 0.00264 EPSS
Exploits: 1, References: 1

CNVD
added 2022/08/04 12:0 a.m., 15 views

Pharmacy Management System getOrderReport.php SQL Injection Vulnerability

Pharmacy Management System MPMS is a multilingual pharmacy management system from the personal developer Mayuri K. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from the getOrderReport.php startDate parameter in getOrderReport.php lacks validation for extern...

9.8 CVSS, 2.8 AI score, 0.00264 EPSS
Exploits: 1, References: 1

CNVD
added 2022/08/04 12:0 a.m., 17 views

Pharmacy Management System edituser.php SQL Injection Vulnerability

Pharmacy Management System MPMS is a multilingual pharmacy management system from the personal developer Mayuri K. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from a lack of validation of external input SQL statements in the id parameter of edituser.php. A...

9.8 CVSS, 3.1 AI score, 0.00264 EPSS
Exploits: 1, References: 1

CNVD
added 2022/08/04 12:0 a.m., 28 views

Pharmacy Management System getsalereport.php SQL Injection Vulnerability

Pharmacy Management System MPMS is a multilingual pharmacy management system from the personal developer Mayuri K. Version v1.0 of Pharmacy Management System is vulnerable to SQL injection, which stems from the startDate parameter in getsalereport.php lacks validation f...

9.8 CVSS, 4.7 AI score, 0.00264 EPSS
Exploits: 1, References: 1

CNVD
added 2022/07/22 12:0 a.m., 16 views

Simple E-Learning System classRoom.php SQL Injection Vulnerability

Simple E-Learning System is a simple e-learning system by the personal developer Carlo Montero. Version v1.0 of Simple E-Learning System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the classRoom.php file. An attacker could use the...

8.8 CVSS, 5.5 AI score, 0.00245 EPSS
Exploits: 1, References: 1

Prion
added 2022/07/18 1:15 p.m., 13 views

SQL injection

An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A PresAbs.php SQL Injection vulnerability allows unauthenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based. An unauthenticated attacker...

6.4 CVSS, 8.4 AI score, 0.03924 EPSS
Exploits: 2, References: 2, Affected Software: 1

CNVD
added 2022/07/18 12:0 a.m., 25 views

Product Show Room Site SQL Injection Vulnerability (CNVD-2022-77045)

Product Show Room Site is a product show room website by the personal developer Carlo Montero. Product Show Room Site v1.0 contains a SQL injection vulnerability, which originates from SQL injection in the id parameter of /psrs/?p=products/viewproduct&id, an...

8.8 CVSS, 5.2 AI score, 0.00257 EPSS
Exploits: 1, References: 1