10 matches found
Automated Voting System add_candidate_modal.php File SQL Injection Vulnerability
Automated Voting System is an automated voting system. Automated Voting System suffers from a SQL injection vulnerability that stems from the lack of validation of the parameter firstname in file /admin/addcandidatemodal.php for externally entered SQL statements. An attacker can exploit this...
Online Book System index.php File SQL Injection Vulnerability
Online Book System is an online booking system. A SQL injection vulnerability exists in version 1.0 of Online Book System, which originates from a lack of validation of externally entered SQL statements in the username/password/loginusername/loginpassword parameters of the /index.php file. An...
IBM Security Guardium SQL Injection Vulnerability (CNVD-2023-20081)
IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management, and streamlined audit process construction.IBM Security Guardium Key Lifecycle Manager is vulnerab...
Rocket.Chat SQL Injection Vulnerability
Rocket.Chat, an open source team chat software, is vulnerable to SQL injection, which stems from the application's lack of validation of externally entered SQL statements. An attacker could exploit the vulnerability to retrieve a reset password token via 2fa secret or 2fa secret...
Library Management System SQL Injection Vulnerability (CNVD-2022-61297)
Library Management System is a library management system with QR code attendance and automatic library card generation. version 1.0 of Library Management System is vulnerable to SQL injection, which stems from a missing parameter id in the file /librarian/bookdetails.php validation of externally...
Complete Online Job Search System SQL注入漏洞(CNVD-2022-48790)
Complete Online Job Search System is an online job search system. SQL injection vulnerability exists in Complete Online Job Search System, which originates from /eris/admin/employee/index.php?view=edit&id=page Lack of validation of externally entered SQL statements. An attacker could use this...
Badminton Center Management System SQL注入漏洞(CNVD-2022-44732)
Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. It provides an online and automated platform for badminton centers to manage their daily transactions and records. Badminton Center Management System version v1.0 is vulnerable to S...
Online Ordering System SQL Injection Vulnerability (CNVD-2022-55723)
Online Ordering System is a multi-store ordering system that can be used by any small business.An SQL injection vulnerability exists in Online Ordering System version 2.3.2, which originates from /ordering/admin/stockin/index.php?view=edit&id= The page lacks validation of externally entered SQL...
Calibre-Web SQL Injection Vulnerability
Calibre-Web is a Web application for browsing, reading and downloading eBooks from the Calibre database.A SQL injection vulnerability exists in versions prior to Calibre-Web 0.6.18.The vulnerability stems from the application's lack of validation of externally entered SQL statements, which can be...
Joomla! SQL Injection Vulnerability (CNVD-2022-64102)
Joomla! is a set of forum components used in the Joomla! content management system. SQL injection vulnerabilities exist in versions 3.0.0 through 3.10.6 and 4.0.0 through 4.1.0. The vulnerability stems from the application's lack of validation of externally entered SQL statements. An attacker cou...