Code-Projects Online Hospital Management System SQL注入漏洞

Code-Projects Online Hospital Management System is an open-source online hospital management system developed by Code-Projects. Version 1.0 of the Code-Projects Online Hospital Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the editid...

OFCMS SQL注入漏洞

OFCMS is a content management system developed by the Oufu individual developers. Version OFCMS 1.1.3 has a SQL injection vulnerability, which stems from an SQL injection in the Query function of the SysUserController.java file within the JSON query interface...

student_management_system_by_php SQL注入漏洞

studentmanagementsystembyphp is a student information management tool developed by Raisul Islam, based on PHP. studentmanagementsystembyphp has a SQL injection vulnerability, which stems from the incorrect handling of the 'role' parameter in the User Creation Handler component of the...

PT-2026-45271

A vulnerability has been found in raisulislamg4 student management system by php up to 310d950e09013d5133c6b9210aff9444382d16d1. The affected element is an unknown function of the file add user check.php of the component User Creation Handler. The manipulation of the argument role leads to sql...

OFCMS SQL注入漏洞

OFCMS is a content management system developed by the Oufu individual developers. Version OFCMS 1.1.3 has a SQL injection vulnerability, which stems from an SQL injection in the Query function of the SystemParamController.java file within the JSON query interface...

CVE-2026-10204 OFCMS JSON Query SysUserController.java query sql injection

A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes sql injection. The attack may be initiated...

CVE-2026-10204

CVE-2026-10204 affects OFCMS 1.1.3, specifically the JSON Query Interface. The vulnerability lies in the Query function within SysUserController.java, causing a SQL injection via remote exploitation. Public exploit access is noted, and the vendor was informed early through an issue but has not re...

CVE-2026-10204 OFCMS JSON Query SysUserController.java query sql injection

A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes sql injection. The attack may be initiated...

CVE-2026-10204

A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes sql injection. The attack may be initiated...

CVE-2026-10203 OFCMS JSON Query SystemParamController.java query sql injection

A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the component JSON Query Interface. The manipulation results in sql injection. The attack can be launched...

CVE-2026-10203

A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the component JSON Query Interface. The manipulation results in sql injection. The attack can be launched...

CVE-2026-10203

The report identifies CVE-2026-10203 affecting OFCMS 1.1.3. The vulnerability lies in the JSON Query Interface: the Query function in OFCMS-admin/src/main/java/com/ofsoft/cms/admin/controller/system/SystemParamController.java, which enables SQL injection. This can be triggered remotely, with publ...

CVE-2026-10202 OFCMS JSON Query SystemDictController.java query sql injection

A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the component JSON Query Interface. The manipulation leads to sql injection. The attack can be initiated...

CVE-2026-10202 OFCMS JSON Query SystemDictController.java query sql injection

A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the component JSON Query Interface. The manipulation leads to sql injection. The attack can be initiated...

CVE-2026-10202

A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the component JSON Query Interface. The manipulation leads to sql injection. The attack can be initiated...

CVE-2026-10193

A security flaw has been discovered in OFCMS up to 1.1.3. The impacted element is the function Query of the file ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\ComnController.java of the component ComnController. Performing a manipulation of the argument system.user.query results in sq...

CVE-2026-10194

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

CVE-2026-10193

A security flaw has been discovered in OFCMS up to 1.1.3. The impacted element is the function Query of the file ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\ComnController.java of the component ComnController. Performing a manipulation of the argument system.user.query results in sq...

CVE-2026-10193

CVE-2026-10193 affects OFCMS up to version 1.1.3. The vulnerable element is the Query function in file at com/ofsoft/cms/admin/controller/ComnController.java (ComnController). An attacker can manipulate the argument system.user.query to trigger SQL injection. The exploit is capable of remote init...

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple vulnerabilities in qs (CVE-2025-15284, CVE-2026-2391)

Summary Multiple vulnerabilities in the qs query string parsing library used by IBM InfoSphere Optim Archive Viewer have been addressed by upgrading the library to version 6.14.2. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs parse modules...