3894 matches found
CVE-2025-62385
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62385
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62387
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62389
CVE-2025-62389 is a SQL injection vulnerability in Ivanti Endpoint Manager. The vulnerability allows a remote authenticated attacker to read arbitrary data from the database. Multiple connected advisories confirm this family of SQL injection issues affects Ivanti Endpoint Manager and note a remed...
CVE-2025-62389
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62390
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62392
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
Simple Food Ordering System product.php File SQL Injection Vulnerability
Simple Food Ordering System is a simple food ordering system. The Simple Food Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Category in the file /product.php. An attacker can exploit thi...
Ivanti Endpoint Manager(EPM) SQL注入漏洞
Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. Ivanti Endpoint Manager suffers from a SQL injection...
PT-2025-41833
Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager affected versions not specified Description A SQL injection issue exists in Ivanti Endpoint Manager. A remote authenticated attacker can potentially read arbitrary data from the database. The issue allows unauthorized...
E-Commerce Website /pages/supplier_update.php SQL Injection Vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from improper filtering of SQL statements submitted by the parameter suppid in the /pages/supplierupdate.php file, which can be exploited by an attacker to gain unauthorized...
PT-2025-41831
Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager affected versions not specified Description A SQL injection issue exists in Ivanti Endpoint Manager. A remote authenticated attacker can potentially read arbitrary data from the database. The issue allows for unauthoriz...
PT-2025-41827
Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager affected versions not specified Description A SQL injection issue exists in Ivanti Endpoint Manager. A remote authenticated attacker can potentially read arbitrary data from the database. The issue allows for unauthoriz...
code-projects Automated Voting System SQL注入漏洞
Automated Voting System is an automated voting system. Automated Voting System suffers from a SQL injection vulnerability that stems from the lack of validation of the parameter firstname in file /admin/addcandidatemodal.php for externally entered SQL statements. An attacker can exploit this...
CVE-2025-31997 HCL Unica Centralized Offer Management is vulnerable to Insecure Direct Object References (IDOR)
HCL Unica Centralized Offer Management is vulnerable to Insecure Direct Object References IDOR. An attacker can bypass authorization and access resources in the system directly, for example database records or files...
Code-Projects Online Job Search Engine SQL注入漏洞
Online Job Search Engine is an online job search engine. Online Job Search Engine suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter txtspecialization in the file /searchjob.php. An attacker can exploit this...
CVE-2025-10351 SQL injection vulnerability in Melis Platform
SQL injection vulnerability based on the melis-cms module of the Melis platform from Melis Technology. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'idPage' parameter in the '/melis/MelisCms/PageEdition/getTinyTemplates' endpoint...
CVE-2025-40886
A SQL Injection vulnerability was discovered in the Alert functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SQL statements on the DBMS used by the web application, potentially exposing unauthorized data, altering...
EUVD-2006-1215
Malware in sbrugna...
EUVD-2017-14324
Malware in sbrugna...