268 matches found
CVE-2020-21725
OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter...
CVE-2018-17843
SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM Software 1.0, Moneyorder MLM Software 1.0, Repurchase MLM Software 1.0, and Gift MLM Software 1.0...
Apartment Visitors Management System /admin/pass-details.php File SQL Injection Vulnerability
Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a SQL injection vulnerability that originates from a misbehavior of the parameter pid in the file /admin/pass-details.php that results in SQL injection. An attacker ca...
CVE-2025-2387
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely...
Responsive Hotel Site print.php Page SQL Injection Vulnerability
Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the pid parameter of the /admin/print.php page. The vulnerability can be exploited by an attacker...
Code-Projects Responsive Hotel Site Injection Vulnerability
Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the pid parameter of the /admin/print.php page. The vulnerability can be exploited by an attacker...
CVE-2024-12948
A vulnerability was found in code-projects Travel Management System 1.0. It has been classified as critical. This affects an unknown part of the file /detail.php. The manipulation of the argument pid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-42783
Kashipara Music Management System v1.0 is vulnerable to SQL Injection via /music/manageplaylistitems.php. An attacker can execute arbitrary SQL commands via the "pid" parameter...
Kashipara Music Management System Security Vulnerability
Kashipara Music Management System is a music management system from Kashipara. A SQL injection vulnerability exists in Kashipara Music Management System v1.0, which originates from the lack of validation of the pid parameter of /music/manageplaylistitems.php against external SQL input, and can be...
PT-2024-30155 · Unknown · Kashipara Music Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Music Management System version 1.0 Description: The issue allows an attacker to execute arbitrary SQL commands via the pid parameter in the "/music/manageplaylistitems.php" API endpoint. This enables the attacker to manipulate th...
TOTOLINK X5000R pid parameter command injection vulnerability
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R pid parameter, which originates from the pid parameter of /cgi-bin/cstecgi.cgi failing to properly filter special characters, commands, etc. used to construct commands. An...
TOTOLINK X5000R Security Vulnerability
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R pid parameter, which originates from the pid parameter of /cgi-bin/cstecgi.cgi failing to properly filter special characters, commands, etc. used to construct commands. An...
PT-2024-18384 · Sourcecodester · Sourcecodester Employee Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Employee Management System version 1.0 Description: A critical issue has been found, affecting an unknown function of the file /psubmit.php. The manipulation of the argument pid with the input '+or+1%3d1%23 leads to SQL...
CVE-2024-25318
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2...
CodeAstro Real Estate Management System SQL Injection Vulnerability
CodeAstro Real Estate Management System is a real estate management system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Real Estate Management System 1.0 and prior versions, which stems from an unknown section in the propertydetail.php file that causes SQL injection via the...
PT-2024-15644 · Unknown · Codeastro Real Estate Management System
Name of the Vulnerable Software and Affected Versions: CodeAstro Real Estate Management System versions up to 1.0 Description: A critical vulnerability has been found in the CodeAstro Real Estate Management System. This issue affects an unknown part of the file propertydetail.php. The manipulatio...
A vulnerability in the DisconnectVPN function of the TOTOLINK X18 firmware allows an attacker to execute arbitrary commands.
The vulnerability in the DisconnectVPN function of the TOTOLINK X18 router firmware is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely using the pid parameter...
PT-2023-32683 · Unknown · Phpgurukul Nipah Virus Testing Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Nipah Virus Testing Management System version 1.0 Description: A problematic issue has been found in the manage-phlebotomist.php file, where the manipulation of the pid argument leads to cross-site request forgery. The attack can b...