82386 matches found
DB-GPT Code Injection Vulnerability
DB-GPT is an open-source development framework for AI-native data applications based on AWEL and proxies, developed by eosphoros. Version 0.7.5 of DB-GPT contains a code injection vulnerability, which stems from operations on components in the file /api/v1/serve/awel/flow/import, potentially leadi...
"4BDN: Connected Salesforce Org already exists"
Challenge: When attempting to add a Salesforce sandbox to an on-premise installation of Veeam Backup for Salesforce, the following error occurs: 4BDN: Connected Salesforce Org already exists. Cause: This occurs when the sandbox being added has the same name as a Salesforce sandbox that was...
CVE-2026-26711
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/view-ticket.php...
CVE-2026-26701
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edittecnicaluser.php...
EUVD-2026-9205
sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/manageuser.php...
PT-2026-22685
Name of the Vulnerable Software and Affected Versions: code-projects Simple Food Order System version 1.0. Description: The Simple Food Order System version 1.0 is susceptible to SQL Injection. This issue affects the /food/routers/edit-orders.php endpoint. The edit-orders.php file is vulnerable,...
Chamilo OS Command Injection Vulnerability
Chamilo is an open-source learning management system by Chamilo. The Chamilo editinstance.php file has an operating system command injection vulnerability, which stems from improper handling of the POST parameter maindatabase in the file /plugin/vchamilo/views/editinstance.php. An attacker...
PT-2026-22585
Name of the Vulnerable Software and Affected Versions: Simple Student Alumni System version 1.0. Description: The Simple Student Alumni System is susceptible to SQL Injection. This issue affects the /TracerStudy/recordteacher view.php script when handling the teacherID parameter. Exploitation may...
PT-2026-22576
In the "CheckUnitCodeAndKey.pl" service, the "validateOrgUnit" function is vulnerable to SQL injection...
CVE-2026-26700
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...
PT-2026-22663
Name of the Vulnerable Software and Affected Versions: sourcecodester Pharmacy Point of Sale System version 1.0. Description: The sourcecodester Pharmacy Point of Sale System version 1.0 is susceptible to SQL Injection. The issue affects the /pharmacy/view category.php endpoint. The view category.ph...
CVE-2026-26696
code-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/recordteacheredit.php...
CVE-2026-26695
The CVE-2026-26695 affects code-projects Simple Student Alumni System v1.0. The vulnerability is a SQL Injection in /TracerStudy/recordstudent_edit.php caused by insufficient input validation. This allows an attacker with network access (no authentication required) to manipulate database queries,...
CVE-2026-26712
CVE-2026-26712 affects code-projects Simple Food Order System v1.0. The vulnerability is SQL Injection in /food/view-ticket-admin.php, caused by insufficient input handling in the application’s SQL queries. The CVSS v3.1 metrics indicate a CRITICAL severity (Base Score 9.8) with network attack ve...
CVE-2026-26710
CVE-2026-26710 affects code-projects Simple Food Order System v1.0 with a SQL Injection vulnerability in /food/routers/edit-orders.php. The issue is documented across multiple connected sources, which identify the vulnerability as SQL Injection and indicate a high-severity impact (CVSS v3.1: 9.8,...
CVE-2026-26706
CVE-2026-26706 affects sourcecodester Pharmacy Point of Sale System v1.0, with a SQL Injection in the /pharmacy/view_receipt.php component. The issue is caused by improper input handling, enabling an attacker to extract/modify data. The published CVSS 3.1 metrics indicate a CRITICAL impact (CVSS:...
CVE-2026-26702
CVE-2026-26702 affects sourcecodester Personnel Property Equipment System v1.0. The vulnerability is an SQL Injection in /ppes/admin/myitem_reuse.php (as reported across multiple sources). The root cause is insufficient input sanitization in the affected file, enabling an attacker to inject SQL st...
PT-2026-22658
Name of the Vulnerable Software and Affected Versions: sourcecodester Pharmacy Point of Sale System version 1.0. Description: The software is susceptible to SQL Injection through the /pharmacy/view supplier.php endpoint. The view supplier.php file is vulnerable to this issue. The vulnerability allow...