CVE-2018-25424

Gate Pass Management System 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the login and password parameters. Attackers can submit crafted POST requests to login-exec.php with SQL injection payloads in form...

CVE-2018-25424 Gate Pass Management System 2.1 SQL Injection via login-exec.php

Gate Pass Management System 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the login and password parameters. Attackers can submit crafted POST requests to login-exec.php with SQL injection payloads in form...

Code-Projects Simple Pizza Ordering System 安全漏洞

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ingname in the file /adding-exec.php. An attacker can exploit this...

PT-2018-14404 · Asuswrt Merlin · Merlin.Php

Name of the Vulnerable Software and Affected Versions: Merlin.PHP version 0.6.6 Description: An issue was discovered in the Merlin.PHP component for Asuswrt-Merlin devices, allowing an attacker to execute arbitrary commands due to a popen call in exec.php. The vendor notes that Merlin.PHP is...