EUVD-2019-20162

All in One Video Downloader 1.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send requests to the admin interface with UNION-based SQL injection payloads in the id...

CVE-2018-25418

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability in the year.php endpoint. The vulnerability allows unauthenticated attackers to send crafted GET requests with malicious payloads in the year parameter to execute arbitrary SQL queries. Impact stated includes extraction of sensitive data...

PT-2026-45113

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'q' parameter. Attackers can send GET requests to search.php with crafted SQL payloads to extract sensitive database informati...

Sourcecodester Online Shopping Alphaware SQL注入漏洞

Sourcecodester Online Shopping Alphaware is a Buffalo company Sourcecodester open source an online shopping system application . Sourcecodester Online Shopping Alphaware version 1.0 has a SQL injection vulnerability that can be exploited by an attacker to inject an executable SQL statement to...