1130 matches found
ChatBot Application with a Suggestion Feature SQL Injection Vulnerability
ChatBot Application with a Suggestion FeatureA ChatBot application with a suggestion feature. chatBot Application with a Suggestion Feature v1.0 is vulnerable to a SQL injection vulnerability in /simple chatbot/classes/Master.php?f=deleteresponse, id is missing validation for external input SQL...
Covid-19 Travel Pass Management System SQL Injection Vulnerability (CNVD-2022-68948)
Covid-19 Travel Pass Management System is a Covid-19 travel pass management system. It provides an online platform for submitting travel passes within the Covid-19 restrictions. SQL injection vulnerability exists in the Covid-19 Travel Pass Management System v1.0 version, which originates from...
Home Clean Services Management System SQL Injection Vulnerability
Home Clean Services Management System is a home cleaning service system. version 1.0 of Home Clean Services Management System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
Sql injection
Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...
School Dormitory Management System SQL Injection Vulnerability (CNVD-2022-66687)
School Dormitory Management System is a school dormitory management system. SQL injection vulnerability exists in School Dormitory Management System v1.0, which originates from /dms/admin/reports/dailycollection The report.php parameter lacks validation for external input SQL statements. An...
SPIP SQL Injection Vulnerability
SPIP is a web-based content publishing system. A SQL injection vulnerability exists in SPIP version 3.1.13 and earlier, which stems from a lack of validation of external input SQL statements in the liertrad and where parameters of /ecrire. An attacker could use this vulnerability to execute illeg...
Air Cargo Management System SQL Injection Vulnerability (CNVD-2022-58095)
Air Cargo Management System is an air cargo management system. version 1.0 of Air Cargo Management System is vulnerable to SQL injection, which originates from /acms/classes/Master.php?f=deletecargo missing filtering and An attacker can use this vulnerability to execute illegal SQL commands to...
CVE-2022-30012
In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection...
Online Sports Complex Booking System SQL注入漏洞(CNVD-2022-58677)
Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. version 1.0 of Online Sports Complex Booking System is vulnerable to SQL injection, which originates in scbs/classes/ Master.php?f=delete, the id parameter of the post request lacks...
Simple Client Management System SQL注入漏洞(CNVD-2022-57768)
Simple Client Management System is a simple client management system from Carlo Montero's personal developer. version 1.0 of Simple Client Management System is vulnerable to a SQL injection vulnerability that originates in /cms/admin/?page= client/viewclient&id= lacks validation of external input...
Online Sports Complex Booking System SQL注入漏洞(CNVD-2022-58670)
Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. page=user/manageuser&id= lacks validation of external input SQL statements, which can be exploited to execute illegal SQL commands to steal sensitive database data...
Online Sports Complex Booking System SQL注入漏洞(CNVD-2022-58668)
Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. page=clients/manageclient&id= lacks validation of external input SQL statements, which could be exploited to execute illegal SQL commands to steal sensitive database data...
Simple Client Management System SQL注入漏洞(CNVD-2022-57776)
Simple Client Management System is a simple client management system from Carlo Montero's personal developer. version 1.0 of Simple Client Management System is vulnerable to SQL injection, which originates from a vulnerability in /cms/classes/Master. php?f=deleteservice, the id parameter of the...
Online Sports Complex Booking System SQL注入漏洞(CNVD-2022-58675)
Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. Online Sports Complex Booking System version 1.0 is vulnerable to a SQL injection vulnerability that originates in scbs/classes/ Master.php?f=deletecategory, the id parameter of the po...
Simple Client Management System SQL注入漏洞(CNVD-2022-57771)
Simple Client Management System is a simple client management system from Carlo Montero's personal developer. version 1.0 of Simple Client Management System is vulnerable to a SQL injection vulnerability that originates in /cms/admin/?page=user/ The vulnerability is caused by the lack of validati...
Online Sports Complex Booking System SQL注入漏洞(CNVD-2022-58676)
Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. Online Sports Complex Booking System version 1.0 is vulnerable to a SQL injection vulnerability that originates in scbs/classes/ Master.php?f=deletefacility, the id parameter of the po...
Online Sports Complex Booking System SQL注入漏洞(CNVD-2022-58669)
Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. page=facilities/managefacility&id= lacks validation of external input SQL statements, which can be exploited to execute illegal SQL commands to steal sensitive database data...
Online Sports Complex Booking System SQL注入漏洞(CNVD-2022-58671)
Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. Online Sports Complex Booking System version 1.0 is vulnerable to a SQL injection vulnerability that originates in /scbs/admin/ bookings/viewbooking.php?id=, an attacker can execute...
Cambium Networks cnMaestro SQL注入漏洞
Cambium Networks cnMaestro is a cloud-based or native software platform from Cambium Networks for secure end-to-end network control. An SQL injection vulnerability exists in Cambium Networks cnMaestro. An attacker could exploit this vulnerability to filter and dump all data in the cnMaestro...
Simple Client Management System SQL注入漏洞
Simple Client Management System is a simple client management system from Carlo Montero's personal developer. version 1.0 of Simple Client Management System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in cms/admin?page=client/ The...