757 matches found
Sql injection
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php...
Sql injection
Lead management system v1.0 is vulnerable to SQL Injection via the id parameter in removeBrand.php...
CVE-2022-47865
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php...
CVE-2022-47862
Lead Management System v1.0 is vulnerable to SQL Injection via the customerid parameter in ajaxrepresent.php...
CVE-2022-47861
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeLead.php...
Lead Management System SQL注入漏洞
Lead management system is a lead management system developed by Mayuri K. The Lead Management System v1.0 version is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the customerid parameter in ajaxrepresent.php. statement in ajaxrepresent.php...
CVE-2022-47860
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeProduct.php. Root cause: lack of input validation. Impact: potential access to/steal of database data; high severity (CVSS 3.1 base 9.8; Network attack, no auth, no user interaction). Exploitation details are...
CVE-2022-47862
The CVE-2022-47862 entry concerns Lead Management System v1.0, where the customer_id parameter in ajax_represent.php is vulnerable to SQL Injection. The provided documents consistently identify SQL Injection as the issue source without detailing exploits in the wild. CVSS metrics indicate a Criti...
CVE-2022-47859
Lead Management System v1.0 is affected by a SQL Injection in the user_id parameter of changePassword.php. The CVE description and multiple connected records consistently identify the root cause as unsanitized/validated input in changePassword.php, enabling arbitrary SQL execution with high impac...
CVE-2022-47865
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php...
PT-2023-15496 · Unknown · Lead Management System
Name of the Vulnerable Software and Affected Versions: Lead Management System version 1.0 Description: The issue concerns SQL Injection via the id parameter in the "removeProduct.php" endpoint. This allows for potential manipulation of database queries. Recommendations: For Lead Management System...
PT-2023-15497 · Unknown · Lead Management System
Name of the Vulnerable Software and Affected Versions: Lead Management System version 1.0 Description: The issue concerns SQL Injection via the id parameter in the "removeLead.php" endpoint. This allows for potential manipulation of database queries. Recommendations: For Lead Management System...
CVE-2022-47865
CVE-2022-47865 affects Lead Management System v1.0, with a SQL Injection flaw in the removeOrder.php endpoint via the id parameter. Reported CVSS v3.1 base score 9.8 (CRITICAL; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Exploitation and impact details are consistent across multiple sources in the conn...
CVE-2022-47864
CVE-2022-47864 affects Lead Management System v1.0 and is described as vulnerable to SQL injection via the id parameter in removeCategories.php. The underlying issue is inadequate input handling that allows an attacker to manipulate SQL queries, enabling potential unauthorized data access or modi...
Lead Management System SQL注入漏洞
Lead management system is a lead management system developed by Mayuri K. A SQL injection vulnerability exists in Lead Management System v1.0, which stems from the lack of validation of external input SQL statements in the id parameter of removeOrder.php, and can be exploited by attackers to The...
CVE-2022-47866
Lead management system v1.0 is vulnerable to SQL Injection via the id parameter in removeBrand.php...
Lead Management System SQL注入漏洞
Lead management system is a lead management system developed by Mayuri K. The Lead Management System v1.0 version is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the userid parameter of changePassword.php. An attacker could use this...
CVE-2022-47862
Lead Management System v1.0 is vulnerable to SQL Injection via the customerid parameter in ajaxrepresent.php...
Lead management system SQL注入漏洞
Lead management system is a lead management system developed by Mayuri K. A SQL injection vulnerability exists in Lead Management System v1.0, which stems from the lack of validation of external input SQL statements in the id parameter of removeBrand.php, and can be exploited by attackers to The...
CVE-2022-47864
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeCategories.php...