Sourcecodester Baby Care System SQL注入漏洞（CNVD-2022-35534）

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin.php?id=siteoptions&social=display&value=0&sid=midsid parameter missing validation of external...

Simple Real Estate Portal System SQL注入漏洞（CNVD-2022-43405）

Simple Real Estate Portal System is a real estate portal system from Carlo Montero's personal developer. version v1.0 of Simple Real Estate Portal System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

McAfee Agent SQL Injection Vulnerability

Mcafee McAfee Agent MA is a client component from Mcafee that provides secure communication between ePolicy Orchestrator antivirus management platform and the managed products.A SQL injection vulnerability exists in versions prior to McAfee Agent 5.7.6, which stems from the application Lack of...

Roothub SQL Injection Vulnerability

Roothub is a forum system developed using SSM and MySQL.Roothub is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the s parameter of the Topics Counting feature, and can be exploited by attackers to execute illegal SQL commands to steal...

Roothub SQL Injection Vulnerability (CNVD-2022-44243)

Roothub is a forum system developed using SSM and MySQL.Roothub suffers from a SQL injection vulnerability, which stems from the lack of validation of external input SQL statements in the s parameter of the Topics Searching feature, and can be exploited by attackers to execute illegal SQL command...

CSZ CMS SQL Injection Vulnerability (CNVD-2022-30778)

CSZ CMS is a PHP-based open source content management system CMS. CSZ CMS version 1.2.2 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in cszcmsadminUserseditUser, and can be used by attackers to execute illegal SQL commands to obtain...

CSZ CMS SQL Injection Vulnerability (CNVD-2022-30781)

CSZ CMS is a PHP-based open source content management system CMS. CSZ CMS version 1.2.2 contains a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in cszcmsadminMemberseditUser and can be exploited by attackers to execute illegal SQL...

SourceCodester One Church Management System SQL注入漏洞

SourceCodester One Church Management System is an application of SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester One Church Management System version 1.0, which stems from The search2 parameter of attachancy.php lacks validation for external input SQL statements, which...

Shopware B2B-Suite SQL Injection Vulnerability (CNVD-2022-82575)

Shopware is a suite of e-commerce software from the German company Shopware.Shopware B2B-Suite 4.4.1 and prior versions are vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements applied to the sort-by parameter of the search function. An authenticat...

Joomla! SQL Injection Vulnerability (CNVD-2022-64102)

Joomla! is a set of forum components used in the Joomla! content management system. SQL injection vulnerabilities exist in versions 3.0.0 through 3.10.6 and 4.0.0 through 4.1.0. The vulnerability stems from the application's lack of validation of externally entered SQL statements. An attacker cou...

Money Transfer Management System SQL Injection Vulnerability

A SQL injection vulnerability exists in Money Transfer Management System version 1.0, a money transfer management system. The vulnerability stems from missing validation of external input SQL statements in the id parameter in admin/maintenance/managebranch.php and admin/maintenance/managefee.php...

Online Project Time Management System SQL Injection Vulnerability

Online Project Time Management System is a web-based online project time management system that provides an online platform for a company's employees to report/record their assigned time or time spent on each project resubmission. online project time management system A SQL injection vulnerabilit...

Luocms SQL Injection Vulnerability (CNVD-2022-20130)

Luocms is an article management system. A SQL injection vulnerability exists in Luocms v2.0, which stems from a lack of validation of external input SQL statements in /admin/news/sortok.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data...

WordPress AdRotate Plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress AdRotate Plugin versions prior to 5.8.22. The vulnerability...

WordPress RegistrationMagic Plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress RegistrationMagic Plugin prior to version 5.0.2.2, which ste...

Sourcecodester Hospital Patient Records Management System SQL注入漏洞（CNVD-2022-48763）

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourcecodester Hospital Patient Record Management System v1.0 is vulnerable to SQL injection. The vulnerability is caus...

pimcore SQL Injection Vulnerability (CNVD-2022-07503)

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce framework and product information management applications. pimcore has a SQL injection vulnerability,...

Simple Cold Storage Management System SQL Injection Vulnerability

Simple Cold Storage Management System is a powerful and flexible ERP system that includes all the complex processing functionality required for cold storage. simple Cold Storage Management System is vulnerable in v1.0 due to a SQL injection vulnerability in the system's view The vulnerability is...

Projectworlds Hospital Management System SQL Injection Vulnerability (CNVD-2022-01378)

Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria. v1.0 of Projectworlds Hospital Management System is vulnerable to SQL injection, which can be exploited by attackers to Execute illegal SQL commands to steal sensitive database data...

WordPress Post Content XMLRPC plugin SQL injection vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress Post Content XMLRPC plugin, which stems from the plugin'...