EUVD-2024-2279

Malicious code in bioql PyPI...

GHSA-69WX-XC6J-28V3 Admidio has Blind SQL Injection in ecard_send.php

Description: An SQL Injection has been identified in the /admprogram/modules/ecards/ecardsend.php source file of the Admidio Application. The SQL Injection results in a compromise of the application's database. The value of ecardrecipients POST parameter is being directly concatenated with the SQ...

Admidio has Blind SQL Injection in ecard_send.php

Description: An SQL Injection has been identified in the /admprogram/modules/ecards/ecardsend.php source file of the Admidio Application. The SQL Injection results in a compromise of the application's database. The value of ecardrecipients POST parameter is being directly concatenated with the SQ...

CVE-2024-37906 Admidio has Blind SQL Injection in ecard_send.php

Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.3.9, there is an SQL Injection in the /admprogram/modules/ecards/ecardsend.php source file of the Admidio Application. The SQL Injection results in a compromise of the...

CVE-2024-37906 Admidio has Blind SQL Injection in ecard_send.php

Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.3.9, there is an SQL Injection in the /admprogram/modules/ecards/ecardsend.php source file of the Admidio Application. The SQL Injection results in a compromise of the...

CVE-2024-37906

Admidio has a Blind SQL Injection in ecards/ecard_send.php affecting versions prior to 4.3.9. The vulnerability arises from directly concatenating the POST parameter ecard_recipients into the SQL query, allowing a member to trigger time-based, condition-based, or out-of-band payloads to compromis...