20 matches found
CVE-2026-6617 langgenius dify ApiToolManageService api_tools_manage_service.py get_api_tool_provider_remote_schema server-side request forgery
A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function getapitoolproviderremoteschema of the file api/services/tools/apitoolsmanageservice.py of the component ApiToolManageService. Performing a manipulation of the argument url results in server-side...
CVE-2026-26886
Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /admin/services/manageservice.php...
CVE-2026-26886
Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /admin/services/manageservice.php...
CVE-2026-26886
Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /admin/services/manageservice.php...
PT-2026-22754
Sourcecodester Simple Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /admin/services/manage service.php...
EUVD-2026-9301
Sourcecodester Simple Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /admin/services/manageservice.php...
CVE-2026-26886
Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /admin/services/manageservice.php...
CVE-2026-26886
CVE-2026-26886 affects Sourcecodester Online Men’s Salon Management System v1.0. The vulnerability is a SQL Injection in the admin path /admin/services/manage_service.php, caused by unsanitized input that allows injection into SQL queries. Multiple sources (Red Hat, NVD, CVE list, Attackerkb, CVE...
CVE-2026-23688
SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted...
CVE-2026-23688 Missing Authorization check in SAP Fiori App (Manage Service Entry Sheets - Lean Services)
SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted...
CVE-2026-23688
CVE-2026-23688 affects SAP Fiori App Manage Service Entry Sheets. The issue is insufficient authorization checks for an authenticated user, enabling privilege escalation with low impact to integrity; confidentiality and availability are unaffected. CVSS 3.1 vector yields a base score of 4.3 (MEDI...
CVE-2023-2347
A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/services/manageservice.php. The manipulation of the argument id leads to sql injection. The attack can be initiated...
CVE-2022-44294
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/manageservice&id=...
Automotive Shop Management System SQL注入漏洞
Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of the /asms/admin/services/manageservice.php?id= component...
PT-2022-27217 · Unknown · Automotive Shop Management System
Name of the Vulnerable Software and Affected Versions: Automotive Shop Management System version 1.0 Description: The issue concerns SQL Injection. It can be exploited via the "/asms/admin/services/manage service.php" endpoint, specifically through the id variable. Recommendations: For Automotive...
CVE-2022-32005
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/services/manageservice.php?id=...
CVE-2022-31352
Online Car Wash Booking System v1.0 by oretnom23 has SQL injection in /ocwbs/admin/services/manageservice.php?id=...
CVE-2022-31352
Online Car Wash Booking System v1.0 by oretnom23 has SQL injection in /ocwbs/admin/services/manageservice.php?id=...
Online Car Wash Booking System SQL注入漏洞
Online Car Wash Booking System is an online car wash booking system from Carlo Montero. v1.0 of Online Car Wash Booking System is vulnerable to SQL injection, which originates from /ocwbs/admin/services/ manageservice.php?id=The page lacks validation for external input SQL statements, which can b...
Badminton Center Management System SQL注入漏洞
Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. It provides an online and automated platform for badminton centers to manage their daily transactions and records. Badminton Center Management System version v1.0 is vulnerable to S...