9888 matches found
CVE-2023-6410
A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via editprofile.php in multiple parameters. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retriev...
Voovi SQL Injection Vulnerability
Voovi is an open source social networking script from Sourceforge. Voovi version 1.0 suffers from a SQL injection vulnerability, which stems from a SQL injection vulnerability in videos.php...
Voovi SQL Injection Vulnerability
Voovi is an open source social networking script from Sourceforge. Voovi 1.0 version has a SQL injection vulnerability , the vulnerability stems from editprofile.php has a SQL injection vulnerability...
Voovi SQL Injection Vulnerability
Voovi is an open source social networking script from Sourceforge. Voovi 1.0 version has a SQL injection vulnerability , the vulnerability stems from home.php has a SQL injection vulnerability...
Voovi SQL Injection Vulnerability
Voovi is an open source social networking script from Sourceforge. Voovi version 1.0 suffers from a SQL injection vulnerability, which stems from a SQL injection vulnerability in photo.php...
Vulnerability fixed in Solarwinds Platform
Solarwinds has fixed a vulnerability in Solarwinds Platform. A malicious party could exploit the vulnerability to use SQL-Injection to gain access to sensitive data, or potentially execute arbitrary code with application privileges. For successful exploitation, the malicious party must be...
CVE-2023-48188
SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation function...
CVE-2023-6310
A vulnerability has been found in SourceCodester Loan Management System 1.0 and classified as critical. This vulnerability affects the function deleteborrower of the file deleteBorrower.php. The manipulation of the argument borrowerid leads to sql injection. The attack can be initiated remotely...
VulnCheck KEV: CVE-2023-1020
The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
PrestaShop SQL Injection Vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A SQL injection vulnerability exists in PrestaShop opartdevis versions v.4.5.18 through v.4.6.12, which...
CVE-2023-45377
In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2023-5466
The Wp anything slider plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
PYSEC-2023-244
Apache Software Foundation Apache Submarine has an SQL injection vulnerability when a user logs in. This issue can result in unauthorized login.Now we have fixed this issue and now user must have the correct login to access workbench.This issue affects Apache Submarine: from 0.7.0 before 0.8.0.We...
PT-2023-29977 · Prestashop · Motivationsale
Name of the Vulnerable Software and Affected Versions: motivationsale module for PrestaShop versions prior to 3.5.0 Description: The issue concerns a SQL injection flaw in the motivationsaleDataModel::getProductsByIds method, allowing a guest to execute sensitive SQL calls with a simple HTTP...
WordPress Plugin Article Analytics Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
Adobe RoboHelp 安全漏洞
Adobe RoboHelp is a help authoring tool developed and released for Windows by the American company Audobee Adobe. Adobe RoboHelp Server suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit the...
CVE-2023-40923
MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and savesetting parameters...
PHPGurukul Pre-School Enrollment Security Vulnerability
PHPGurukul Pre-School Enrollment is a web-based preschool enrollment system from PHPGurukul, Inc. A security vulnerability exists in version 1.0 of PHPGurukul Pre-School Enrollment that originates from an easy SQL injection attack via the username parameter in the preschool/admin/ page...
Pimcore SQL Injection Vulnerability
Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. A security vulnerability exists in Pimcore...
CVE-2023-34991
A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.0 through 8.4.2 and 8.3.0 through 8.3.2 and 8.2.2 allows attacker to execute unauthorized code or commands via a crafted http reque...