Fast Food Ordering System SQL Injection Vulnerability (CNVD-2022-48947)

Fast Food Ordering System, a fast food ordering system from Carlo Montero's personal developer, is vulnerable to a SQL injection vulnerability in version 1.0 of Fast Food Ordering System, which originates in /ffos/classes/Master.php?f=delete category page lacks validation of externally entered SQ...

Sourcecodester Hospital Patient Records Management System SQL注入漏洞（CNVD-2022-48752）

Sourcecodester Hospital Patient Records Management System is a web-based application that provides hospitals with an automated platform to store and manage their patient records. Management System is vulnerable to a SQL injection vulnerability that originates in the...

Fast Food Ordering System SQL Injection Vulnerability (CNVD-2022-48948)

Fast Food Ordering System is a fast food ordering system from Carlo Montero's personal developer. version 1.0 of Fast Food Ordering System is vulnerable to SQL injection, which originates from /ffos/classes/Master.php?f=deletemenu The page lacks validation for external input SQL statements, which...

YouDianCMS SQL Injection Vulnerability (CNVD-2022-59019)

YouDianCMS is a website CMS. A SQL injection vulnerability exists in YouDianCMS v9.5.0, which originates from the lack of validation of the IdList parameter at /App/Lib/Action/Home/ApiAction.class.php against external SQL input. This vulnerability can be exploited to execute illegal SQL commands ...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68965)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /gettimetable.php?id=The page lacks validation for external SQL statements, which cou...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68964)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getteacherprofile.php?myindex=The page lacks validation for external input SQL...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68963)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getsubjectrouting.php?id=The page lacks validation for external input SQL statements...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68956)

Advanced School Management System, a school management system by Angel Jude Reyes Suarez, is a SQL injection vulnerability in version v1.0 of Advanced School Management System, which originates from /school/model/ getclassroom.php?id=The page lacks validation for external input SQL statements,...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68955)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getadminprofile.php?myindex=The page lacks validation for external input SQL...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68954)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getteacher.php?id=The page lacks validation for external input SQL statements, which...

Web Based Quiz System SQL注入漏洞

Web Based Quiz System is an application used for a simple online based project. Web Based Quiz System v1.0 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the eid parameter of welcome.php. An attacker could use this vulnerability to...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68958)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getexam.php?id=The page lacks validation for external input SQL statements, which ca...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68957)

Advanced School Management System, a school management system by Angel Jude Reyes Suarez, a personal developer, has a SQL injection vulnerability in version v1.0, which originates in /school/model/ getevents.php?eventid=The page lacks validation for external input SQL statements, which could be...

Product Show Room Site SQL Injection Vulnerability (CNVD-2022-77048)

Product Show Room Site is a product showroom site from Carlo Montero's personal developer. version 1.0 of Product Show Room Site is vulnerable to SQL injection, which originates from the /psrs/admin/?page=products/manageproduct& id= page has SQL injection problem, attackers can use the...

Product Show Room Site SQL Injection Vulnerability (CNVD-2022-77050)

Product Show Room Site is a product showroom site from Carlo Montero's personal developer. version 1.0 of Product Show Room Site is vulnerable to a SQL injection vulnerability that originates in /psrs/admin/fields/viewfield.php?id=page. SQL injection problem, an attacker can use this vulnerabilit...

Product Show Room Site SQL Injection Vulnerability (CNVD-2022-77049)

Product Show Room Site is a product showroom site from Carlo Montero's personal developer. version 1.0 of Product Show Room Site is vulnerable to a SQL injection vulnerability that originates in /psrs/admin/fields/managefield.php?id=page. SQL injection problem, an attacker can use this...

Amodat Mobile Application Gateway SQL Injection Vulnerability

Amodat Mobile Application Gateway, a mobile application gateway from Amodat Israel, is vulnerable to a SQL injection vulnerability in versions prior to 7.12.00.09, which stems from a lack of validation of external input by agentid SQL statement validation. An attacker could use this vulnerability...

CVE-2022-31447

An XML external entity XXE injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file...

Xxe

An XML external entity XXE injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file...

SQL Injection Vulnerability in mymps Backend

mymps is a php mysql based website builder. SQL injection vulnerability exists in mymps backend, which can be exploited by attackers to obtain sensitive database information...