Student Grading System SQL注入漏洞

Student Grading System is a student grading system from Carlo Montero's personal developer. v1.0 of Student Grading System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

Sourcecodester Baby Care System SQL注入漏洞（CNVD-2022-35529）

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates in /admin/pagerole.php & action=display & value=1 & roleid= where the roleid parameter lacks validati...

Sourcecodester Baby Care System SQL注入漏洞

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin.php?id=siteoptions&social=display&value=0&sid=midsid parameter missing validation of external...

Sourcecodester Baby Care System SQL注入漏洞

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability, which originates from /admin.php?id=siteoptions&social=edit&sid=insid parameter missing validation of external input...

Sourcecodester Baby Care System SQL注入漏洞

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates in /admin/inbox.php & action=read & msgid= where the msgid parameter lacks validation for external...

McAfee Agent SQL Injection Vulnerability

Mcafee McAfee Agent MA is a client component from Mcafee that provides secure communication between ePolicy Orchestrator antivirus management platform and the managed products.A SQL injection vulnerability exists in versions prior to McAfee Agent 5.7.6, which stems from the application Lack of...

Roothub SQL Injection Vulnerability (CNVD-2022-44243)

Roothub is a forum system developed using SSM and MySQL.Roothub suffers from a SQL injection vulnerability, which stems from the lack of validation of external input SQL statements in the s parameter of the Topics Searching feature, and can be exploited by attackers to execute illegal SQL command...

CSZ CMS SQL Injection Vulnerability (CNVD-2022-30781)

CSZ CMS is a PHP-based open source content management system CMS. CSZ CMS version 1.2.2 contains a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in cszcmsadminMemberseditUser and can be exploited by attackers to execute illegal SQL...

Roothub SQL Injection Vulnerability

Roothub is a forum system developed using SSM and MySQL.Roothub is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the s parameter of the Topics Counting feature, and can be exploited by attackers to execute illegal SQL commands to steal...

CSZ CMS SQL Injection Vulnerability (CNVD-2022-30780)

CSZ CMS is a PHP-based open source content management system CMS. cszcmsadminMembersviewUsers version 1.2.2 contains a SQL injection vulnerability, which originates from the lack of validation of externally entered SQL statements and can be exploited by attackers to execute illegal SQL commands t...

CSZ CMS SQL Injection Vulnerability (CNVD-2022-30778)

CSZ CMS is a PHP-based open source content management system CMS. CSZ CMS version 1.2.2 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in cszcmsadminUserseditUser, and can be used by attackers to execute illegal SQL commands to obtain...

Pimcore SQL注入漏洞

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce frameworks and product information management applications.A SQL injection vulnerability exists in...

JHipster SQL注入漏洞

JHipster is an open source application builder that develops web applications and microservices primarily using Angular or React and Spring Framework.JHipster suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements, whic...

Joomla! SQL Injection Vulnerability (CNVD-2022-64102)

Joomla! is a set of forum components used in the Joomla! content management system. SQL injection vulnerabilities exist in versions 3.0.0 through 3.10.6 and 4.0.0 through 4.1.0. The vulnerability stems from the application's lack of validation of externally entered SQL statements. An attacker cou...

Shopware B2B-Suite SQL Injection Vulnerability (CNVD-2022-82575)

Shopware is a suite of e-commerce software from the German company Shopware.Shopware B2B-Suite 4.4.1 and prior versions are vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements applied to the sort-by parameter of the search function. An authenticat...

SourceCodester One Church Management System SQL注入漏洞

SourceCodester One Church Management System is an application of SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester One Church Management System version 1.0, which stems from The search2 parameter of attachancy.php lacks validation for external input SQL statements, which...

WordPress Sync WooCommerce Product feed to Google Shopping plugin SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Sync WooCommerce Product feed to Google Shopping plugin has a SQL injection vulnerability The vulnerability stems from the...

WordPress Title Experiments Free plugin SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Title Experiments Free plugin version 9.0.1 prior to the SQL injection vulnerability, the vulnerability stems from the use o...

Forkcms SQL Injection Vulnerability

forkcms is an open source CMS that uses Symfony components. forkcms is vulnerable to SQL injection, which can be exploited by attackers to tamper with database data...

Money Transfer Management System SQL Injection Vulnerability

A SQL injection vulnerability exists in Money Transfer Management System version 1.0, a money transfer management system. The vulnerability stems from missing validation of external input SQL statements in the id parameter in admin/maintenance/managebranch.php and admin/maintenance/managefee.php...