262 matches found
Code-Projects Responsive Hotel Site Injection Vulnerability
Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the pid parameter of the /admin/print.php page. The vulnerability can be exploited by an attacker...
CVE-2024-12948
A vulnerability was found in code-projects Travel Management System 1.0. It has been classified as critical. This affects an unknown part of the file /detail.php. The manipulation of the argument pid leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-42783
Kashipara Music Management System v1.0 is vulnerable to SQL Injection via /music/manageplaylistitems.php. An attacker can execute arbitrary SQL commands via the "pid" parameter...
PT-2024-30155 · Unknown · Kashipara Music Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Music Management System version 1.0 Description: The issue allows an attacker to execute arbitrary SQL commands via the pid parameter in the "/music/manageplaylistitems.php" API endpoint. This enables the attacker to manipulate th...
Kashipara Music Management System Security Vulnerability
Kashipara Music Management System is a music management system from Kashipara. A SQL injection vulnerability exists in Kashipara Music Management System v1.0, which originates from the lack of validation of the pid parameter of /music/manageplaylistitems.php against external SQL input, and can be...
TOTOLINK X5000R pid parameter command injection vulnerability
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R pid parameter, which originates from the pid parameter of /cgi-bin/cstecgi.cgi failing to properly filter the special characters, commands, etc. used to construct a command. An...
TOTOLINK X5000R Security Vulnerability
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R pid parameter, which originates from the pid parameter of /cgi-bin/cstecgi.cgi failing to properly filter the special characters, commands, etc. used to construct a command. An...
PT-2024-18384 · Sourcecodester · Sourcecodester Employee Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Employee Management System version 1.0 Description: A critical issue has been found, affecting an unknown function of the file /psubmit.php. The manipulation of the argument pid with the input '+or+1%3d1%23 leads to SQL...
CVE-2024-25318
Code-projects Hotel Management System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2...
CodeAstro Real Estate Management System SQL Injection Vulnerability
CodeAstro Real Estate Management System is a real estate management system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Real Estate Management System 1.0 and prior versions, which stems from an unknown section in the propertydetail.php file that causes SQL injection via the...
PT-2024-15644 · Unknown · Codeastro Real Estate Management System
Name of the Vulnerable Software and Affected Versions: CodeAstro Real Estate Management System versions up to 1.0 Description: A critical vulnerability has been found in the CodeAstro Real Estate Management System. This issue affects an unknown part of the file propertydetail.php. The manipulatio...
A vulnerability in the DisconnectVPN function of the TOTOLINK X18 firmware allows an attacker to execute arbitrary commands.
The vulnerability in the DisconnectVPN function of the TOTOLINK X18 router firmware is caused by insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely using the pid parameter...
PT-2023-32683 · Unknown · Phpgurukul Nipah Virus Testing Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Nipah Virus Testing Management System version 1.0 Description: A problematic issue has been found in the manage-phlebotomist.php file, where the manipulation of the pid argument leads to cross-site request forgery. The attack can b...
CVE-2023-4184
A vulnerability was found in SourceCodester Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file sellreturn.php. The manipulation of the argument pid leads to SQL injection. The attack may be initiated remotely. The associated identifi...
Inventory Management System SQL Injection Vulnerability
Inventory Management System is an inventory management system. A SQL injection vulnerability exists in Inventory Management System version 1.0, which originates from a SQL injection via the uppid parameter on the editsell.php page. No details of the vulnerability are available at this time...
PT-2023-5891 · Sourcecodester · Sourcecodester Inventory Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Inventory Management System version 1.0 Description: A critical issue affects the processing of the file sellreturn.php, where the manipulation of the pid argument leads to SQL injection. This allows an attacker to execute...
CVE-2023-34754
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit...
SQL injection
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit...