932 matches found
PT-2022-13747 · Sap · Sap Information System
Name of the Vulnerable Software and Affected Versions: SAP Information System version 1.0 Description: A critical issue was found, allowing an unauthenticated attacker to create a new admin account for the web application with a simple POST request to the "add admin.php" file, located at the "/SA...
SAP Information System 1.0 Shell Upload
Title: SAP Information System 1.0 Shell Upload Author: Hejap Zairy Date: 05.04.2022 Vendor: https://www.sourcecodester.com/php/15262/sap-information-system-using-phppdo-oop.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/SAPInformationSystem.zip Reference:...
CVE-2022-24231
Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student...
CVE-2022-24231
Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student...
CVE-2022-24231
Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student...
Sql injection
Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student...
CVE-2022-24231
The CVE-2022-24231 entry concerns Simple Student Information System v1.0, which is vulnerable to SQL injection via the add/Student path. The vulnerability is documented with a high-severity impact (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; base score 9.8) affecting confidentiality, integrit...
CVE-2022-24231
Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student...
Simple Student Information System SQL注入漏洞
Simple Student Information System is a web-based application platform that helps a university or college manage student information and academic records. SourceCodester Simple Student Information System version 1.0 is vulnerable to SQL injection, which can be exploited by attackers to send...
OS4Ed OpenSIS Cross-Site Scripting Vulnerability
OS4Ed OpenSIS is OS4Ed's commercial-grade, secure, scalable and intuitive student information system, school management software. With all the functionality to run single or multiple institutions in a single installation, OS4Ed OpenSIS suffers from a cross-site scripting vulnerability that could ...
The vulnerability of the centralized system for managing emergency messages and events in CAMS for HIS distributed control systems CENTUM VP and CENTUM VP Entry Class, along with the OPC-server Exaopc, allows a perpetrator to execute arbitrary codes.
The vulnerability of the centralized system for managing emergency messages and events in CAMS for HIS distributed control systems CENTUM VP and CENTUM VP Entry Class, along with the OPC-server Exaopc, lies in the loading of a non-existent dynamic library. Exploiting this vulnerability could allo...
Practo Technologies Insta Hms跨站脚本漏洞
Practo Technologies Insta Hms is a hospital information system from Practo Technologies, India. Practo Technologies Insta HMS has a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to...
Practo Technologies Insta Hms 跨站脚本漏洞
Practo Technologies Insta Hms is a hospital information system from Practo Technologies, India. Practo Technologies Insta HMS has a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to...
openSIS Student Information System 8.0 - (multiple) SQL Injection Vulnerability
Exploit Title: openSIS Student Information System 8.0 - 'multiple' SQL Injection Date: 26/12/2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://opensis.com Software Link: https://opensis.com Version: 8.0 Community Edition Tested on:...
openSIS Student Information System 8.0 - 'multiple' SQL Injection
Exploit Title: openSIS Student Information System 8.0 - 'multiple' SQL Injection Date: 26/12/2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://opensis.com Software Link: https://opensis.com Version: 8.0 Community Edition Tested on:...
GHSA-WF5P-F5XR-C4JJ SQL Injection in rosariosis
An unauthenticated SQL Injection vulnerability in Rosario Student Information System aka rosariosis before 8.1.1 allows remote attackers to execute PostgreSQL statements e.g., SELECT, INSERT, UPDATE, and DELETE through /Side.php via the syear parameter...
SQL Injection in rosariosis
An unauthenticated SQL Injection vulnerability in Rosario Student Information System aka rosariosis before 8.1.1 allows remote attackers to execute PostgreSQL statements e.g., SELECT, INSERT, UPDATE, and DELETE through /Side.php via the syear parameter...
Rosario Student Information System SQL Injection Vulnerability
The Rosario Student Information System is a free student information system used for school administration, and a SQL injection vulnerability exists in the Rosario Student Information System, which can be exploited to execute Postgre SQL statements via the /Side.php parameter via the syear...
CVE-2021-44427
An unauthenticated SQL Injection vulnerability in Rosario Student Information System aka rosariosis before 8.1.1 allows remote attackers to execute PostgreSQL statements e.g., SELECT, INSERT, UPDATE, and DELETE through /Side.php via the syear parameter...
CVE-2021-44427
An unauthenticated SQL Injection vulnerability in Rosario Student Information System aka rosariosis before 8.1.1 allows remote attackers to execute PostgreSQL statements e.g., SELECT, INSERT, UPDATE, and DELETE through /Side.php via the syear parameter...