6 matches found
CVE-2021-47954
LayerBB 1.1.4 contains an unauthenticated SQL injection vulnerability in the search_query parameter. An attacker can send POST requests to /search.php with crafted search_query values (e.g., using CASE WHEN statements) to manipulate queries and extract sensitive database information. No remediati...
CVE-2025-51969
A SQL Injection vulnerability exists in the product.php page of PuneethReddyHC Online Shopping System Advanced 1.0. This flaw is present in the productid GET parameter, which is not properly validated before being included in a SQL statement...
PT-2024-39857 · Unknown · Code-Projects Crud Operation System
Name of the Vulnerable Software and Affected Versions: code-projects Crud Operation System version 1.0 Description: A critical vulnerability was found in the code-projects Crud Operation System. This issue affects the file delete.php and is related to the manipulation of the sid argument, leading...
CVE-2024-7934
A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file execute.php. The manipulation of the argument code leads to sql injection. The attack can be launched remotely...
CVE-2024-2329
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/listresourceicon.php?action=delete. The manipulation of the argument IconId leads to sql injection. The attack may be...
USN-4200-1 redmine vulnerabilities
It was discovered that Redmine incorrectly handle certain inputs that could cause textile formatting errors. An attacker could possibly use this issue to cause a XSS attack. CVE-2019-17427 It was discovered that an SQL injection could allow users to access protected information via a crafted obje...