103 matches found

RedhatCVE
added 2025/05/22 9:36 p.m. | 4 views

CVE-2021-25202

SQL injection vulnerability in SourceCodester Sales and Inventory System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to \ahira\admin\inventory.php...

CVSS 9.8 | AI score 8.6 | EPSS 0.00513
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 6:25 p.m. | 4 views

CVE-2021-25205

SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php...

CVSS 9.8 | AI score 8.6 | EPSS 0.00492
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 12:35 p.m. | 5 views

CVE-2010-1950

SQL injection vulnerability in the Online News Paper Manager comjnewspaper component 1.0 for Joomla!, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the dateinfo parameter to index.php. NOTE: the provenance of this information is unknown; the detail...

CVSS 6.8 | AI score 8.6 | EPSS 0.00122
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 5:1 a.m. | 6 views

CVE-2013-5121

SQL injection vulnerability in PHPFox before 3.6.0 build6 allows remote attackers to execute arbitrary SQL commands via the searchsortby parameter to user/browse/view/...

CVSS 7.5 | AI score 8.8 | EPSS 0.00926
Exploits: 1 | References: 1

BDU FSTEC
added 2025/03/20 12:0 a.m. | 1 views

The vulnerability of the VMmanager 6 virtualization tool, related to the lack of protective measures for the SQL query structure, allows attackers to execute arbitrary SQL queries against the database.

The vulnerability of VMmanager 6’s virtualization mechanism is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database remotely...

CVSS 9 | AI score 5.9
Exploits: 0 | Affected Software: 1

CISA KEV Catalog
added 2025/02/06 12:0 a.m. | 14 views

CyberoamOS (CROS) SQL Injection Vulnerability

CyberoamOS CROS contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely...

CVSS 9.8 | AI score 8.5 | EPSS 0.10073
In wild | Exploits: 0

VulnCheck KEV
added 2024/10/31 12:0 a.m. | 1 views

VulnCheck KEV: CVE-2020-29574

CyberoamOS CROS contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely...

CVSS 9.8 | AI score 7.6 | EPSS 0.10073
Exploits: 0 | References: 1

BDU FSTEC
added 2024/10/30 12:0 a.m. | 0 views

The vulnerability of the INFLEX Web smart office platform’s web application, related to the insecure processing of user input, allows a hacker to execute arbitrary SQL code.

The vulnerability of the INFLEX Web smart office platform’s web application is related to the insecure processing of user input. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

CVSS 7.7 | AI score 6
Exploits: 0 | Affected Software: 1

Positive Technologies
added 2024/10/30 12:0 a.m. | 1 views

PT-2024-33193 · Sas · Sas Studio

Name of the Vulnerable Software and Affected Versions: SAS Studio version 9.4 Description: A SQL injection issue exists in the /SASStudio/sasexec/sessions/sessionID/sql endpoint of SAS Studio, allowing a remote attacker to execute arbitrary SQL commands via the POST body request. This issue is...

CVSS 8.8 | AI score 8.3 | EPSS 0.16061
Exploits: 0 | References: 5

Redos
added 2024/09/11 12:0 a.m. | 6 views

ROS-20240911-18

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource (race condition). Exploitation of the vulnerability could allo...

CVSS 8.8 | AI score 8.4 | EPSS 0.00743
Exploits: 0

CNNVD
added 2024/09/02 12:0 a.m. | 1 views

Huachu Digital Easytest Online Test Platform security vulnerability

Huachu Digital Easytest Online Test Platform is an online test platform from Huachu Digital. A security vulnerability exists in Huachu Digital Easytest Online Test Platform version 24E01 and prior versions, which originates from allowing remote authenticated users to execute arbitrary SQL command...

CVSS 8.8 | AI score 7.9 | EPSS 0.00457
Exploits: 0 | References: 2

CNNVD
added 2024/09/02 12:0 a.m. | 2 views

Huachu Digital Easytest Online Test Platform security vulnerability

Huachu Digital Easytest Online Test Platform is an online test platform from Huachu Digital. A security vulnerability exists in Huachu Digital Easytest Online Test Platform version 24E01 and earlier, which stems from improper handling of the uid parameter and could allow a remote attacker to...

CVSS 9.8 | AI score 7.8 | EPSS 0.00457
Exploits: 0 | References: 2

Positive Technologies
added 2024/07/15 12:0 a.m. | 3 views

PT-2024-5296

Name of the Vulnerable Software and Affected Versions Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below Description The issue is related to the monitoring module of Zohocorp ManageEngine Exchange Reporter Plus, where the software fails to properly protect the SQL query structur...

CVSS 8.8 | AI score 7.7 | EPSS 0.01217
Exploits: 0 | References: 8

BDU FSTEC
added 2024/03/14 12:0 a.m. | 0 views

The vulnerability of the ia.core.mysqli.php component of the Intelliants Subrion CMS system allows a hacker to execute arbitrary SQL queries.

The vulnerability of the ia.core.mysqli.php component of the Intelliants Subrion CMS system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVSS 7.5 | EPSS 0.00492
Exploits: 1 | References: 5 | Affected Software: 1

BDU FSTEC
added 2023/12/19 12:0 a.m. | 1 views

The vulnerability of the Bulk Modification Tool component in Nagios XI allows a hacker to execute arbitrary SQL code.

The vulnerability of the Bulk Modification Tool component in Nagios XI is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

CVSS 9 | EPSS 0.82094
Exploits: 2 | References: 4 | Affected Software: 1

BDU FSTEC
added 2023/10/25 12:0 a.m. | 1 views

The vulnerability of the WP Live Chat Shoutbox plugin of the WordPress content management system allows a hacker to execute arbitrary SQL code.

The vulnerability of the WP Live Chat Shoutbox plugin of the WordPress content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

CVSS 10 | EPSS 0.73648
Exploits: 2 | References: 4 | Affected Software: 1

BDU FSTEC
added 2023/03/06 12:0 a.m. | 1 views

The vulnerability of the microprogrammed network interface controllers from SonicWall, models SMA 210, SMA 410, SMA 500v, allows attackers to execute arbitrary SQL queries.

The vulnerability of SonicWall’s SMA 210, SMA 410, and SMA 500v network firewall microprogramming systems lies in the lack of security measures for handling SQL query structures. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries remotely...

CVSS 10 | EPSS 0.80271
Exploits: 0 | References: 3 | Affected Software: 3

SUSE CVE
added 2023/02/15 6:2 a.m. | 1 views

SUSE CVE-2009-3165

SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...

CVSS 7.5 | AI score 8.8 | EPSS 0.00328
Exploits: 1 | References: 3

BDU FSTEC
added 2022/09/06 12:0 a.m. | 0 views

The vulnerability of the exceedone/exment and exceedone/laravel-admin software lies in the possibility of introducing commands that allow attackers to execute arbitrary SQL queries against the application’s database.

The vulnerability of the exceedone/exment and exceedone/laravel-admin software lies in the possibility of executing commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the application’s database remotely...

CVSS 10 | EPSS 0.01548
Exploits: 0 | References: 5 | Affected Software: 2

OSV
added 2022/03/30 2:15 a.m. | 3 views

CVE-2020-24770

SQL injection vulnerability in modrules.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVSS 9.8 | AI score 8.7
Exploits: 0 | References: 3