BIT-NIFI-2020-1928

An information disclosure vulnerability was found in Apache NiFi 1.10.0. The sensitive parameter parser would log parsed values for debugging purposes. This would expose literal values entered in a sensitive property when no parameter was present...

CVE-2025-9788 SourceCodester/Campcodes School Log Management System admin_class.php sql injection

A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/adminclass.php. Executing manipulation of the argument idno can lead to sql injection. The attack can be launched remotely. Th...

Code-Projects Patient Record Management System 注入漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from improper handling of the parameter itrno in the file /xrayform.php, which can be exploited by an attacker to bypass authenticati...

Code-Projects Patient Record Management System 注入漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from improper handling of the parameter itrno in the /urinalysisrecord.php file. The vulnerability can be exploited by an attacker to...

code-projects Patient Record Management System 安全漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter itrno in file /sputumform.php. An attacker can exploit thi...

Patient Record Management System fecalysis_form.php File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the itrno parameter of the fecalysisform.php file. An attacker can...

Code-Projects Patient Record Management System 安全漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the itrno parameter of the fecalysisform.php file. An attacker can...

Code-Projects Patient Record Management System 注入漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from the validation of externally entered SQL statements that are missing from parameter itrno in the dentalnot.php file. An attacker...

kernel: LSM: general protection fault in legacy_parse_param

In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacyparseparam The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an input. In this particular...

CVE-2023-37456

The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS 115...

Multiple cross-site scripting vulnerabilities in LabWiki

LabWiki is a meme plugin. Multiple cross-site scripting vulnerabilities exist in LabWiki 1.1 and earlier versions. A remote attacker can exploit this vulnerability by sending the 'from' parameter to the index.php file or the 'pageno' parameter to the recentchanges.php file to inject arbitrary web...

PromoteWeb MySQL - id SQL Injection

PromoteWeb MySQL - id SQL Injection =================================================================== PromoteWeb MySQL go.php id Remote SQL Injection Vulnerability =================================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------'...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Web Icerik Yonetim Sistemi WIYS 1.0 allows remote attackers to inject arbitrary web script or HTML via the No parameter in the Sayfa page...