Simple Client Management System SQL注入漏洞

Simple Client Management System is a simple client management system from Carlo Montero's personal developer. version 1.0 of Simple Client Management System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in cms/admin?page=client/ The...

Mybatis-PageHelper SQL Injection Vulnerability

Mybatis-PageHelper is a paging plug-in. An SQL injection vulnerability exists in Mybatis-PageHelper versions 1.0 inclusive through 5.3.0 inclusive, which stems from the orderBy parameter's lack of validation for external input SQL statements. An attacker could use this vulnerability to execute...

EmpireCMS SQL Injection Vulnerability

EmpireCMS Empire Content Management System is an open source content management system CMS. EmpireCMS version 7.5 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in AdClass.php and can be exploited to execute illegal SQL commands to steal...

WordPress Hermit plugin SQL injection vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The WordPress Hermit plugin 3.1.6 and previous versions are vulnerable to SQL injection, which stems from the la...

Ed01-Cms SQL Injection Vulnerability (CNVD-2022-79912)

Ed01-Cms is a Cms project in the Udemy course. version 20180505 of ED01-CMS is vulnerable to a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in post.php. An attacker could use this vulnerability to execute illegal SQL commands to steal...

CuppaCMS SQL Injection Vulnerability (CNVD-2022-63582)

CuppaCMS is a content management system CMS. SQL injection vulnerability exists in CuppaCMS v1.0, which originates from the missing validation of external input in the menufilter parameter in /administrator/templates/default/html/windows/right.php. SQL statement validation. An attacker could use...

Sourcecodester Baby Care System SQL注入漏洞（CNVD-2022-35534）

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin.php?id=siteoptions&social=display&value=0&sid=midsid parameter missing validation of external...

Student Grading System SQL Injection Vulnerability (CNVD-2022-44234)

Student Grading System is a student grading system from Carlo Montero's personal developer. v1.0 of Student Grading System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

Sourcecodester Baby Care System SQL注入漏洞（CNVD-2022-35533）

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability, which originates from /admin.php?id=siteoptions&social=edit&sid=insid parameter missing validation of external input...

Sourcecodester Baby Care System SQL注入漏洞（CNVD-2022-35522）

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates in /admin/uesrs.php & action=display & value=Show & userid= where the userid parameter lacks validati...

Sourcecodester Baby Care System SQL注入漏洞（CNVD-2022-35520）

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin/uesrs.php & action=type & userrole=User & userid= in the userid parameter missing validation of...

Attendance and Payroll System SQL注入漏洞（CNVD-2022-33145）

Attendance and Payroll System is a PHP/MySQLi source code attendance and payroll system from oretnom23 individual developers. version v1.0 of Attendance and Payroll System is vulnerable to SQL injection, which originates from the component adminemployee delete.php lacks validation of external inp...

Simple Real Estate Portal System SQL注入漏洞（CNVD-2022-43405）

Simple Real Estate Portal System is a real estate portal system from Carlo Montero's personal developer. version v1.0 of Simple Real Estate Portal System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

Attendance and Payroll System SQL注入漏洞（CNVD-2022-33149）

Attendance and Payroll System is an attendance and payroll system using PHP/MySQLi source code from oretnom23 individual developers.Attendance and Payroll System v1.0 is vulnerable to SQL injection, which originates from the component adminattendanceedit.php lacks validation for external input SQ...

Home Owners Collection Management System SQL注入漏洞（CNVD-2022-43866）

Home Owners Collection Management System is a homeowner collection management system. Home Owners Collection Management System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

Sourcecodester Baby Care System SQL注入漏洞（CNVD-2022-35536）

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from the lack of validation of external input SQL in the /admin.php?id=posts & action=display & value=1 &...

Sourcecodester Baby Care System SQL注入漏洞（CNVD-2022-35525）

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates in /admin/siteoptions.php & social=remove & sid= where the sid parameter lacks validation for externa...

Sourcecodester Baby Care System SQL注入漏洞（CNVD-2022-35526）

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates in /admin/siteoptions.php & action=displaygoal & value=1 & roleid= where the roleid parameter is...

Sourcecodester Baby Care System SQL注入漏洞（CNVD-2022-35531）

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates in /admin/inbox.php & action=delete & msgid= where the msgid parameter lacks validation for external...

Attendance and Payroll System SQL注入漏洞（CNVD-2022-33143）

Attendance and Payroll System is a PHP/MySQLi source code attendance and payroll system by oretnom23 individual developers. version v1.0 of Attendance and Payroll System is vulnerable to SQL injection, which originates from the component adminovertime delete.php lacks validation of external input...