53 matches found
CVE-2018-15873
CVE-2018-15873 describes a SQL Injection in Sentrifugo HRMS 3.2 exposed via the deptid parameter. Connected sources confirm a blind SQL injection in the POST endpoint /index.php/servicedeskconf/getemployees/format/html, enabling an attacker to read database information. Affected version is 3.2 (a...
Sentrifugo HRMS 3.2 - deptid SQL Injection
Sentrifugo HRMS 3.2 - deptid SQL Injection Exploit Title: Sentrifugo HRMS 3.2 - 'deptid' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-08-26 Google Dork: N/A Vendor: http://www.sapplica.com Software Link: http://www.sentrifugo.com/download Affected Version...
Sentrifugo HRMS 3.2 - 'deptid' SQL Injection
Exploit Title: Sentrifugo HRMS 3.2 - 'deptid' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-08-26 Google Dork: N/A Vendor: http://www.sapplica.com Software Link: http://www.sentrifugo.com/download Affected Version: 3.2 and possibly before Patched Version:...
StrongSoft灾害预警系统 warn/AjaxHandle/AjaxOuterWarnForMerger.ashx DeptID参数SQL注入漏洞
注入链接:/warn/AjaxHandle/AjaxOuterWarnForMerger.ashx 注入参数:DeptID 【获取数据库版本】 /warn/AjaxHandle/AjaxOuterWarnForMerger.ashx?action=GetCheckIdByPid&DeptID=1'+AND+2709=SELECT+@@version+AND+'EcwM'='EcwM 【获取当前数据库】...
农友软件建站系统erji.aspx deptid参数SQL注入漏洞
No description provided by source...
SQL Injection Vulnerability in Online Conference System of Beijing Gobit Technology Co.
Online meeting system Beijing Gobitech Technology Co. A SQL injection vulnerability exists in the Online Conference System of Beijing Gobitech Technology Co. The parameter deptid is injected, which can be used by an attacker to launch an attack and obtain sensitive information from the database...
CVE-2010-1702
SQL injection vulnerability in submitticket.php in WHMCompleteSolution WHMCS 4.2 allows remote attackers to execute arbitrary SQL commands via the deptid parameter...
Sql injection
SQL injection vulnerability in submitticket.php in WHMCompleteSolution WHMCS 4.2 allows remote attackers to execute arbitrary SQL commands via the deptid parameter...
CVE-2010-1702
CVE-2010-1702 : Affected software is WHMCompleteSolution (WHMCS) 4.2. The vulnerability is a SQL injection in submitticket.php via the deptid parameter, allowing remote attackers to execute arbitrary SQL commands. This can impact confidentiality, integrity, and availability as described by the NV...
WHMCS Control SQL Injection
=Info======================================================================= Software: WHMCS control WHMCompleteSolution Sql Injection Vulnerability: Remote Sql Injection Google Dork: Powered by WHMCompleteSolution - or " inurl:WHMCS Off. site: www.MiXaTy.com...
Sql injection
SQL injection vulnerability in messagebox.php in OSI Codes PHP Live! 3.3 allows remote attackers to execute arbitrary SQL commands via the deptid parameter...
CVE-2006-6769
CVE-2006-6769 applies to PHP Live! 3.2.2 and earlier, with multiple XSS flaws. Vulnerable components/files include transcripts.php (search_string parameter), index.php (l parameter), phplive/index.php (login field), and phplive/message_box.php (deptid and x parameters). Exploits describe arbitrar...
YLZH(right.php)Cross Site Scripting
========================== Discovery By: Breeeeh Site: www.alshmokh.com E-mail: [email protected] ========================== Example: /right.php?deptid=XSS...