SAP NetWeaver Application Server ABAP 安全漏洞

SAP NetWeaver Application Server ABAP is a platform for running and developing applications based on the ABAP language from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server ABAP that stems from a lack of authorization checking, which could allow an overprivileged...

Old Age Home Management System SQL Injection Vulnerability

Old Age Home Management System is a nursing home management system. Old Age Home Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter emeradd in file /admin/add-scdetails.php. An attacker can...

SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Shenzhou Vision Han Technology Co., Ltd (CNVD-2025-18623)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

CVE-2025-52474 WeGIA SQL Injection Vulnerability in id Parameter on control.php Endpoint

WeGIA is a web manager for charitable institutions. Prior to version 3.4.2, a SQL Injection vulnerability was identified in the id parameter of the /WeGIA/controle/control.php endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as...

CVE-2025-52474 WeGIA SQL Injection Vulnerability in id Parameter on control.php Endpoint

WeGIA is a web manager for charitable institutions. Prior to version 3.4.2, a SQL Injection vulnerability was identified in the id parameter of the /WeGIA/controle/control.php endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as...

PT-2025-29187 · Advantech · Advantech Iview

Name of the Vulnerable Software and Affected Versions: Advantech iView affected versions not specified Description: A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.restoreDatabase function. An authenticated attacker with user-level privileges can...

Campcodes Online Shopping Portal SQL Injection Vulnerability

CampCodes Online Shopping Portal is an online shopping portal from CampCodes, Inc. Campcodes Online Shopping Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements for the parameter Category in the file /admin/category.php. An...

Shenzhen Lanling Software Co., Ltd. business operation cloud has sql injection vulnerability

Shenzhen BlueLine Software Co., Ltd. is a well-known large platform OA service provider and a leading provider of intelligent knowledge and "AI+Collaboration" solutions in China. There is a sql injection vulnerability in the business operation cloud of Shenzhen BlueLine Software Co., Ltd, which c...

CVE-2020-28702

A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information...

CVE-2020-20583

A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R60321 allows attackers to obtain sensitive database information...

CVE-2020-22122

A SQL injection vulnerability in /oa.php?c=Staff=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...

CVE-2020-20981

A SQL injection in the /admin/?n=logs=index=dolist component of Metinfo 7.0 allows attackers to access sensitive database information...

CVE-2020-28087

A SQL injection vulnerability in /jeecg boot/sys/dict/loadtreedata of jeecg-boot CMS 2.3 allows attackers to access sensitive database information...

CVE-2020-29147

A SQL injection vulnerability in wycontrolls/wysidevisitor.php of Wayang-CMS v1.0 allows attackers to obtain sensitive database information...

CVE-2020-20469

White Shark System WSS 1.3.2 has a SQL injection vulnerability. The vulnerability stems from the logedit.php files failing to filter the csatouser parameter, remote attackers can exploit the vulnerability to obtain database sensitive information...

CVE-2012-4069

Dir2web 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database via a direct request for system/db/website.db...

CVE-2019-11621

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=network. A remote background administrator privilege user or a user with permission to manage network configuration could exploit the vulnerability to obtain database sensitive...

CVE-2019-11625

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/emailingRequest.php. A remote background administrator privilege user or a user with permission to manage emailing could exploit the vulnerability to obtain database sensitive information...

CVE-2019-11622

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. A remote background administrator privilege user or a user with permission to manage modulecategory could exploit the vulnerability to obtain database sensitive information via...

SQL Injection Vulnerability in U8 Cloud of UFIDA Network Technology Co.

U8 Cloud is a digital platform for enterprises to go to the cloud, integrating transactions, services and management into a total ERP solution. A SQL injection vulnerability exists in UFIDA U8 Cloud, which can be exploited by attackers to gain access to sensitive database information...