kkcms SQL Injection Vulnerability

kkcms is an open source video capture and playback system. The system is mainly used to automatically capture video resources and provide online playback. kkcms v1.3.7 version has a SQL injection vulnerability, the vulnerability originates from /template/wapian/vlist.php does not filter the...

YouDianCMS SQL Injection Vulnerability (CNVD-2022-59019)

YouDianCMS is a website CMS. A SQL injection vulnerability exists in YouDianCMS v9.5.0, which originates from the lack of validation of the IdList parameter at /App/Lib/Action/Home/ApiAction.class.php against external SQL input. This vulnerability can be exploited to execute illegal SQL commands ...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68965)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /gettimetable.php?id=The page lacks validation for external SQL statements, which cou...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68964)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getteacherprofile.php?myindex=The page lacks validation for external input SQL...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68963)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getsubjectrouting.php?id=The page lacks validation for external input SQL statements...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68960)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getgrade.php?id=The page lacks validation for external SQL statements, which could b...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68956)

Advanced School Management System, a school management system by Angel Jude Reyes Suarez, is a SQL injection vulnerability in version v1.0 of Advanced School Management System, which originates from /school/model/ getclassroom.php?id=The page lacks validation for external input SQL statements,...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68955)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getadminprofile.php?myindex=The page lacks validation for external input SQL...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68954)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getteacher.php?id=The page lacks validation for external input SQL statements, which...

Online Ordering System SQL注入漏洞

Online Ordering System is a multi-store ordering system that can be used by any small business.Online Ordering System version v2.3.2 is vulnerable to SQL injection, which originates from /ordering/index.php?q=category&search=Lack of validation of external input SQL statement validation, an attack...

Web Based Quiz System SQL注入漏洞

Web Based Quiz System is an application used for a simple online based project. Web Based Quiz System v1.0 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the eid parameter of welcome.php. An attacker could use this vulnerability to...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68958)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getexam.php?id=The page lacks validation for external input SQL statements, which ca...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68957)

Advanced School Management System, a school management system by Angel Jude Reyes Suarez, a personal developer, has a SQL injection vulnerability in version v1.0, which originates in /school/model/ getevents.php?eventid=The page lacks validation for external input SQL statements, which could be...

CVE-2021-41672

PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user that belongs to the administrator group can inject a malicious SQL query in order to affect the execution logic of the application and retrive information from the database...

Product Show Room Site SQL Injection Vulnerability (CNVD-2022-77048)

Product Show Room Site is a product showroom site from Carlo Montero's personal developer. version 1.0 of Product Show Room Site is vulnerable to SQL injection, which originates from the /psrs/admin/?page=products/manageproduct& id= page has SQL injection problem, attackers can use the...

Product Show Room Site SQL Injection Vulnerability (CNVD-2022-77050)

Product Show Room Site is a product showroom site from Carlo Montero's personal developer. version 1.0 of Product Show Room Site is vulnerable to a SQL injection vulnerability that originates in /psrs/admin/fields/viewfield.php?id=page. SQL injection problem, an attacker can use this vulnerabilit...

Product Show Room Site SQL Injection Vulnerability (CNVD-2022-77049)

Product Show Room Site is a product showroom site from Carlo Montero's personal developer. version 1.0 of Product Show Room Site is vulnerable to a SQL injection vulnerability that originates in /psrs/admin/fields/managefield.php?id=page. SQL injection problem, an attacker can use this...

Amodat Mobile Application Gateway SQL Injection Vulnerability

Amodat Mobile Application Gateway, a mobile application gateway from Amodat Israel, is vulnerable to a SQL injection vulnerability in versions prior to 7.12.00.09, which stems from a lack of validation of external input by agentid SQL statement validation. An attacker could use this vulnerability...

Advanced School Management System SQL注入漏洞

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getsubjectrouting.php?id=The page lacks validation for external input SQL statements...

CVE-2022-31447

An XML external entity XXE injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file...