ChurchCRM 5.9.1 - SQL Injection

Exploit Title: ChurchCRM 5.9.1 - SQL Injection Author: Sanan Qasimzada Date: 06.07.2024 Vendor: http://churchcrm.io/ Software: https://github.com/ChurchRM/CRM Reference: https://portswigger.net/web-security/sql-injection Description: In the manual insertion point 1 - parameter EID appears to be...

code-projects Online Exam Mastering System 注入漏洞

Code-Projects Online Exam Mastering System is a Code-Projects open source online exam system. An injection vulnerability exists in code-projects Online Exam Mastering System version 1.0, which is caused by an SQL injection into the parameter eid...

ChurchCRM 4.5.3 SQL Injection Vulnerability

Title: ChurchCRM-4.5.3-121fcc1-SQLi Author: nu11secur1ty Vendor: http://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://portswigger.net/web-security/sql-injection Description: In the manual insertion point 1 - parameter EID appears to be vulnerable to SQL injection...

Simple Online Book Store System 跨站脚本漏洞

Simple Online Book Store System is a simple online bookstore system by Carlo Montero, an individual developer. Simple Online Book Store System suffers from a cross-site scripting vulnerability, which stems from an unknown function in its /admin/edit.php component that operates on the parameter ei...