WordPress plugin WCFM Marketplace 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin WCFM Marketplace suffers from a SQL injection vulnerability that stems from th...

Courier Management System add-new-officer.php File SQL Injection Vulnerability

Courier Management System is a courier management system. Courier Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ManagerName in the file /add-new-officer.php. An attacker can exploit this...

Code-Projects Online Complaint Site SQL注入漏洞

Online Complaint Site is an online complaint site. Online Complaint Site suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Category in the file /admin/category.php. An attacker can exploit this vulnerabilit...

AndSoft e-TMS SQL注入漏洞

AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter USRMAIL in the file /inc/login/TRACKREQUESTFRMSQL.ASP. An attacker can...

appRain CMF SQL Injection Vulnerability (CNVD-2025-21132)

appRain CMF is a content management framework. appRain CMF suffers from an SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the data%5BPage%5D%5Bname%5D parameter of /apprain/page/manage-dynamic-pages/create. An attacker could use this...

WellChoose Organization Portal System SQL注入漏洞

WellChoose Organization Portal System is an electronic directory service system from WellChoose in Taiwan, China. The WellChoose Organization Portal System suffers from a SQL injection vulnerability that arises from the application's lack of validation of externally entered SQL statements. The...

code-projects Exam Form Submission 注入漏洞

Exam Form Submission is an exam form. Exam Form Submission suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in parameter ID in file /admin/deletes8.php. An attacker can exploit this vulnerability to execute illegal SQL commands...

Car Rental System message_admin.php File SQL Injection Vulnerability

Car Rental System is a car rental system. Car Rental System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the messageadmin.php file's parameter Message. An attacker can use this vulnerability to execute illegal SQL commands...

School Fees Payment System datatable.php File SQL Injection Vulnerability

School Fees Payment System is a tuition payment system. The School Fees Payment System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter sSortDir0 in the file /datatable.php. An attacker can exploit this...

Employee Record Management System /myprofile.php File SQL Injection Vulnerability

Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter EmpCode in the file /myprofile.php. An attacker...

WeGIA SQL注入漏洞

WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements, which can be exploited by an attacker to cause a data leak or complete database corruption...

Learning Management System SQL Injection Vulnerability (CNVD-2024-35193)

Learning Management System is itsourcecode open source a learning management system . Learning Management System version 1.0 suffers from a SQL injection vulnerability , the vulnerability stems from the application lack of validation of external input SQL statements . Attackers can use this...

J2EEFAST myProcessList function SQL injection vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the myProcessList function of the...

J2EEFAST findApplyedTasksPage function SQL injection vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2eeFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from BpmTaskMapper.xml...

RuvarOA id parameter SQL injection vulnerability (CNVD-2024-33625)

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the id parameter of the /WorkFlow/wfofficefilehistoryshow.aspx file, which lacks validation of externally entered SQL statements. An attacker can exploit...

Student Record System login.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the id/password parameter of the file /login.php. An attacker can exploit this vulnerability to...

Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14039)

Simple School Managment System is Code-projects open source a simple school management system . Simple School Managment System version 1.0 SQL injection vulnerability , the vulnerability stems from the application lack of validation of external input SQL statement , an attacker can exploit the...

Simple School Managment System SQL Injection Vulnerability

Simple School Managment System is Code-projects open source a simple school management system . Simple School Managment System version 1.0 SQL injection vulnerability , the vulnerability stems from the application lack of validation of external input SQL statement , an attacker can exploit the...

Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14040)

Simple School Managment System is Code-projects open source a simple school management system . Simple School Managment System version 1.0 SQL injection vulnerability , the vulnerability stems from the application lack of validation of external input SQL statement , an attacker can exploit the...

Apache Cocoon SQL注入漏洞

Apache Cocoon is the United States Apache Apache Foundation of a component-based Web development concepts built Web application framework. Apache Cocoon suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacke...