80 matches found
TaskMatic SQL Injection Vulnerability
TaskMatic is an automation assistant from TaskMatic. TaskMatic version 1.0 suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...
J2EEFAST SysUreportFileMapper.xml File SQL Injection Vulnerability
J2eeFAST is a Java EE enterprise-class rapid development platform that is committed to building the best small and medium-sized open source free back-end framework platform. J2EEFAST v2.7.0 has a SQL injection vulnerability; the vulnerability stems from the SysUreportFileMapper.xml findPa...
Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13465)
Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by the lack of validation of the materialname parameter of the addmaterialsubmit.php file against external SQL input,...
Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13471)
Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by the lack of validation of the typename parameter of the itemtypesubmit.php file against externally-entered SQL...
NETGEAR DGN3500 Buffer Overflow Vulnerability
The NETGEAR DGN3500 is a wireless router from NETGEAR. The NETGEAR DGN3500 version 1.1.00.37 suffers from a buffer overflow vulnerability, which originates from the httppassword parameter in setup.cgi failing to properly validate the length of the input data, which can be exploited by a remote...
File Tracker Manager System SQL Injection Vulnerability
File Tracker Manager System is a file tracker manager system. File Tracker Manager System v1.0 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameter newpassword in the file register/updatepassword.php against externally entered SQL statements. A...
Campcodes Advanced Online Voting System SQL Injection Vulnerability
Campcodes Advanced Online Voting System is an online voting system. Campcodes Advanced Online Voting System v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter id of the file /admin/votersrow.php, which can be...
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29381)
Online Computer and Laptop Store is an online computer and laptop store by individual developer Carlo Montero. Online Computer and Laptop Store v1.0 has a SQL injection vulnerability in the file /classes/Master.php?f=updateorderstatus, where the parameter id of the function...
Online Computer and Laptop Store delete_order function SQL injection vulnerability
Online Computer and Laptop Store is an online computer and laptop store. An SQL injection vulnerability exists in Online Computer and Laptop Store v1.0, which originates from the function deleteorder in /classes/master.php?f=deleteorder where the parameter id of deleteorder lacks validation for...
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29385)
Online Computer and Laptop Store is an online computer and laptop store by individual developer Carlo Montero. Online Computer and Laptop Store v1.0 has a SQL injection vulnerability, which stems from the lack of validation of external input SQL statements in the parameter email of...
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29387)
Online Computer and Laptop Store is an online computer and laptop store by individual developer Carlo Montero. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter id of the fi...
IBM Security Guardium SQL Injection Vulnerability (CNVD-2023-20081)
IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management, and streamlined audit process construction. IBM Security Guardium Key Lifecycle Manager is vulnerab...
Canteen Management System SQL Injection Vulnerability (CNVD-2023-08051)
Canteen Management System is a canteen management system. Version 1.0 of Canteen Management System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements by parameter id. An attacker could use this vulnerability to execute illegal SQL commands to...
Automotive Shop Management System SQL Injection Vulnerability (CNVD-2022-87037)
Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability that originates in the /asms/classes/Master.php?f=deleteservice component that lacks validation of...
Online Tours
Online Tours & Travels Management System is an online travel management system developed by Mayuri K. A SQL injection vulnerability exists in Online Tours & Travels Management System v1.0, which originates from /admin/update The id parameter of traveller.php lacks validation for external input SQ...
Clinic's Patient Management System SQL Injection Vulnerability
Clinic's Patient Management System is a patient management system for clinics. A SQL injection vulnerability exists in Clinic's Patient Management System v1.0, which originates in /pms/ The id parameter in updatepatient.php lacks validation for external input SQL statements. An attacker could use...
Pharmacy Management System getsalereport.php SQL Injection Vulnerability
Pharmacy Management System MPMS is a multi-lingual pharmacy management system by individual developer Mayuri K. Version v1.0 of Pharmacy Management System is vulnerable to SQL injection, which stems from the startDate parameter in getsalereport.php, which lacks validation f...
Product Show Room Site SQL Injection Vulnerability (CNVD-2022-77045)
Product Show Room Site is a product show room website by individual developer Carlo Montero. Product Show Room Site v1.0 has a SQL injection vulnerability, which originates from SQL injection in the id parameter of /psrs/?p=products/viewproduct&id, an...
Clinics Patient Management System SQL Injection Vulnerability
Clinics Patient Management System is a clinic patient management system. A SQL injection vulnerability exists in Clinics Patient Management System version 2.0, which originates from a parameter username that can be exploited to execute illegal SQL commands...
Library Management System SQL Injection Vulnerability (CNVD-2022-61297)
Library Management System is a library management system with QR code attendance and automatic library card generation. Version 1.0 of Library Management System is vulnerable to SQL injection, which stems from the parameter id in the file /librarian/bookdetails.php missing validation of externally...