Slims8 Akasia SQL Injection Vulnerability

Slims8 Akasia is a software of the Slims community in Indonesia. It is used for library resource management e.g. books, journals, digital documents and other library materials and administration.An SQL injection vulnerability exists in Slims8 Akasia version 8.3.1, which stems from missing SQL...

Online Project Time Management System SQL Injection Vulnerability

Online Project Time Management System is a web-based online project time management system that provides an online platform for a company's employees to report/record their assigned time or time spent on each project resubmission. online project time management system A SQL injection vulnerabilit...

WordPress WooCommerce plugin SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. SQL injection vulnerability exists in versions of...

Luocms SQL Injection Vulnerability (CNVD-2022-20130)

Luocms is an article management system. A SQL injection vulnerability exists in Luocms v2.0, which stems from a lack of validation of external input SQL statements in /admin/news/sortok.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data...

WordPress RegistrationMagic Plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress RegistrationMagic Plugin prior to version 5.0.2.2, which ste...

WordPress AdRotate Plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress AdRotate Plugin versions prior to 5.8.22. The vulnerability...

Taocms id parameter SQL injection vulnerability

Taocms is a micro Cms content management system in China. version 3.0.2 of Taocms is vulnerable to SQL injection, which stems from the lack of validation of externally entered SQL statements by the backend parameter id. An attacker can use this vulnerability to execute illegal SQL commands to ste...

Design/Logic Flaw

An issue was discovered in taocms 3.0.2. This is a SQL blind injection that can obtain database data through the Comment Update field...

Sourcecodester Hospital Patient Records Management System SQL注入漏洞（CNVD-2022-48763）

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourcecodester Hospital Patient Record Management System v1.0 is vulnerable to SQL injection. The vulnerability is caus...

CVE-2022-23986

SQL injection vulnerability in the phpUploader v1.2 and earlier allows a remote unauthenticated attacker to obtain the information in the database via unspecified vectors...

BloofoxCms SQL注入漏洞

BloofoxCms is a Php based text content management system. A SQL injection vulnerability exists in BloofoxCms versions 0.5.1 inclusive to 0.5.2.1 inclusive due to the following parameters "URLs,langid,tmplid,modrewrite,etadoctype,metacharset,default group,page group" lacks validation of externally...

Multiple vulnerabilities in phpUploader

Overview phpUploader provided by Dojin Club MICMNIS contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2022-24435 SQL Injection CWE-89 - CVE-2022-23986 Toyama Taku reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information...

WordPress和WordPress plugin SQL注入漏洞

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. A SQL injection vulnerability exists in versions of the WordPress Futurio Extra plugin prior to 1.6.3, which stems from a lack of filtering and escaping of SQL data submitted by users. A highly privileg...

MartDevelopers iResturant SQL Injection Vulnerability (CNVD-2022-91165)

MartDevelopers Iresturant is an open source lightweight restaurant Erp from MartDevelopers Kenya. used to integrate social restaurant operations into one system. a SQL injection vulnerability exists in MartDevelopers iResturant v1.0, which stems from adding this when viewing a reservation view...

pimcore SQL Injection Vulnerability (CNVD-2022-07503)

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce framework and product information management applications. pimcore has a SQL injection vulnerability,...

WordPress RegistrationMagic plugin SQL injection vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.The WordPress RegistrationMagic plugin was vulnerable to SQL injection before 5.0.1.6, which stems from the la...

WordPress Download Monitor PluginSQL Injection Vulnerability

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.The WordPress Download Monitor Plugin has a SQL injection vulnerability in versions prior to 4.4.5, which stems from the use...

Projectworlds Hospital Management System SQL Injection Vulnerability (CNVD-2022-01378)

Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria. v1.0 of Projectworlds Hospital Management System is vulnerable to SQL injection, which can be exploited by attackers to Execute illegal SQL commands to steal sensitive database data...

Video Sharing Website SQL Injection Vulnerability

Video Sharing Website is a video sharing website. video Sharing Website is vulnerable to SQL injection in v1.0, which stems from the application's lack of validation of externally entered SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive...

Simple Cold Storage Management System SQL Injection Vulnerability

Simple Cold Storage Management System is a powerful and flexible ERP system that includes all the complex processing functionality required for cold storage. simple Cold Storage Management System is vulnerable in v1.0 due to a SQL injection vulnerability in the system's view The vulnerability is...