107 matches found

Github Security Blog
added 2022/05/24 5:30 p.m., 26 views

phpMyAdmin SQL injection vulnerability

An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL into a query...

9.8 CVSS, 7.9 AI score, 0.89641 EPSS
Exploits: 1, References: 12, Affected Software: 1

OSV
added 2022/05/24 5:30 p.m., 20 views

GHSA-7FF4-CV53-4CJQ phpMyAdmin SQL injection vulnerability

An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL into a query...

9.8 CVSS, 9.5 AI score, 0.89641 EPSS
Exploits: 1, References: 12

CNVD
added 2022/04/15 12:0 a.m., 10 views

Online Banking System SQL Injection Vulnerability (CNVD-2022-71426)

Online Banking System is a simple banking system project used to manage bank customers' accounts and process basic customer transactions. A SQL injection vulnerability exists in Online Banking System, which stems from the lack of filtering and transfer of SQL data in the employee ID and employee...

6.5 CVSS, 3.4 AI score, 0.00241 EPSS
Exploits: 1, References: 1

CNVD
added 2022/04/15 12:0 a.m., 14 views

PHPGURUKUL Zoo Management System SQL Injection Vulnerability

PHPGURUKUL Zoo Management System is a zoo management system from the PHPGurukul team. PHPGURUKUL Zoo Management System v1.0 is vulnerable to SQL injection, which stems from a lack of filtering in the classid parameter in /publichtml/animals, and can be exploited by attackers to execute...

8.8 CVSS, 4.5 AI score, 0.00316 EPSS
Exploits: 3, References: 1

CNVD
added 2022/04/07 12:0 a.m., 14 views

SourceCodester Simple Student Information System SQL Injection Vulnerability

Simple Student Information System is a web-based application platform that helps a university or college manage student information and academic records. SourceCodester Simple Student Information System version 1.0 is vulnerable to SQL injection, which can be exploited by attackers to send...

10 CVSS, 3.1 AI score, 0.00489 EPSS
Exploits: 1, References: 1

CNVD
added 2022/03/25 12:0 a.m., 14 views

Synology DiskStation Manager SQL Injection Vulnerability (CNVD-2022-27445)

Synology DiskStation Manager DSM is an operating system used on network storage servers NAS by Synology Inc. of Taiwan, China. A SQL injection vulnerability exists in Synology DiskStation Manager, which stems from the failure of the product's Log Management function to handle special characters i...

9.8 CVSS, 4 AI score, 0.00406 EPSS
Exploits: 0, References: 1

CNVD
added 2022/03/08 12:0 a.m., 28 views

Victor CMS SQL Injection Vulnerability (CNVD-2022-18528)

Victor CMS is an open source content management system from Victor Alagwu, a personal developer in Nigeria. A SQL injection vulnerability exists in Victor CMS v1.0, which stems from the fact that the product does not effectively handle or escape special characters in user input data. An attacker...

9.8 CVSS, 4 AI score, 0.00264 EPSS
Exploits: 1, References: 1

CNVD
added 2022/03/02 12:0 a.m., 14 views

WordPress Orange Form Plugin SQL Injection Vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. A SQL injection vulnerability exists in the WordPress Orange Form Plugin 1.0 and earlier versions, which originates in the product admin/orange-form-email.php file in the processbulkaction functi...

8.8 CVSS, 3.5 AI score, 0.0011 EPSS
Exploits: 2, References: 1

CNVD
added 2022/02/16 12:0 a.m., 21 views

Tongda2000 SQL Injection Vulnerability

A SQL injection vulnerability exists in Tongda2000, a web-based intelligent office system from China Tongda, which originates from the dname parameter in the product's exportdata.php file that does not securely handle special characters in user input data. An attacker can execute malicious SQL...

9.8 CVSS, 5 AI score, 0.00264 EPSS
Exploits: 1, References: 1

CNVD
added 2022/01/25 12:0 a.m., 17 views

SourceCodester Employee and Visitor Gate Pass Logging System SQL Injection Vulnerability

SourceCodester Employee and Visitor Gate Pass Logging System is a simple web-based employee and visitor pass logging system that provides companies with an automated platform to track or log the daily records of employees and visitors entering a company building or premises. A SQL injection...

10 CVSS, 4 AI score, 0.00272 EPSS
Exploits: 1, References: 1

CNNVD
added 2021/12/01 12:0 a.m., 2 views

WordPress SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress Plugin Events Manager that stems from the product...

7.2 CVSS, 6.1 AI score, 0.00789 EPSS
Exploits: 1, References: 3

CNNVD
added 2021/11/08 12:0 a.m., 3 views

WordPress SQL Injection Vulnerability

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress Plugin is a WordPress open source application plugin. A SQL injection vulnerability exists in the WordPress...

9.8 CVSS, 6.1 AI score, 0.67699 EPSS
Exploits: 3, References: 4

OSV
added 2021/11/01 12:0 a.m., 29 views

ASB-A-192606047

In resetAccumulator of select.c, there is a possible use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5 CVSS, 6.8 AI score, 0.02437 EPSS
Exploits: 1, References: 2

OSV
added 2021/06/01 3:15 p.m., 11 views

CVE-2020-26668

A SQL injection vulnerability was discovered in /core/feeds/custom.php in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to inject a malicious SQL query to the applications via the 'Create New Feed' function...

8.8 CVSS, 7.6 AI score
Exploits: 0, References: 1

Prion
added 2021/06/01 3:15 p.m., 9 views

Sql injection

A SQL injection vulnerability was discovered in /core/feeds/custom.php in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to inject a malicious SQL query to the applications via the 'Create New Feed' function...

6.5 CVSS, 8.8 AI score, 0.0042 EPSS
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2021/06/01 2:13 p.m., 11 views

CVE-2020-26668

A SQL injection vulnerability was discovered in /core/feeds/custom.php in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to inject a malicious SQL query to the applications via the 'Create New Feed' function...

8.9 AI score, 0.0042 EPSS
Exploits: 1, References: 1

Cvelist
added 2021/06/01 11:24 a.m., 10 views

CVE-2021-27828

SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries...

9.8 AI score, 0.00883 EPSS
Exploits: 2, References: 2

0day.today
added 2021/05/19 12:0 a.m., 39 views

In4Suit ERP 3.2.74.1370 - (txtLoginId) SQL injection Vulnerability

Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection Exploit Author: Gulab Mondal Vendor Homepage: https://www.in4velocity.com/in4suite-erp.html Version: In4Suite ERP 3.2.74.1370 Tested on: Windows ----------------------------------------- SQL injection in In4Suite ERP 3.2.74.1370...

0.3 AI score
Exploits: 0

Packet Storm
added 2021/05/19 12:0 a.m., 135 views

In4Suit ERP 3.2.74.1370 SQL Injection

Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection Date: 18/05/2021 Exploit Author: Gulab Mondal Vendor Homepage: https://www.in4velocity.com/in4suite-erp.html Version: In4Suite ERP 3.2.74.1370 Tested on: Windows ----------------------------------------- SQL injection in In4Suite...

0.2 AI score
Exploits: 0

Exploit DB
added 2021/05/19 12:0 a.m., 226 views

In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection

Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection Date: 18/05/2021 Exploit Author: Gulab Mondal Vendor Homepage: https://www.in4velocity.com/in4suite-erp.html Version: In4Suite ERP 3.2.74.1370 Tested on: Windows CVE: CVE-2021-27828 ----------------------------------------- SQL...

9.1 CVSS, 9.6 AI score, 0.00883 EPSS
Exploits: 2