5 matches found
CVE-2024-40542
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/role?offset...
CVE-2024-4907
A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /view/showstudent2.php. The manipulation of the argument grade leads to SQL injection. The attack can be initiated remotely...
CVE-2023-4987 infinitietech taskhub GET Parameter get_tasks_list SQL injection
A vulnerability, which was classified as critical, has been found in infinitietech taskhub 2.8.7. Affected by this issue is some unknown functionality of the file /home/gettaskslist of the component GET Parameter Handler. The manipulation of the argument project/status/userid/sort/search leads to...
PHP Multi Vendor Script 1.02 - 'sid' SQL Injection
Exploit Title: PHP Multi Vendor Script v1.02 - 'sid' Parameter SQL Injection Date: 2017-09-28 Exploit Author: 8bitsec Vendor Homepage: http://www.dexteritysolution.com/ Software Link: http://www.dexteritysolution.com/php-multivendor-e-commerce-script.html Version: 1.02 Tested on: Kali Linux 2.0 |...
CVE-2008-6322
SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter...