RuvarOA id parameter SQL injection vulnerability (CNVD-2024-33617)

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of the templateid parameter in the /SysManage/wftemplatechildfieldlist.aspx file against external SQL input. An attacker can exploi...

SQL Injection Vulnerability in Data Leakage Protection (DLP) System of Beijing Yisetong Technology Development Co., Ltd (CNVD-C-2024-272015)

Yisetong Data Leakage Protection DLP is a comprehensive data security product that integrates machine learning, big data analysis, document encryption, access control, correlation analysis, data identification and other technologies. Data Leakage Protection DLP system of Beijing Yisetong Technolo...

SQL Injection Vulnerability in SpringBlade of Shanghai Breadtech Co.

SpringBlade is a microservice architecture upgraded and optimized from a commercial-grade project, built with core technologies such as Spring Boot 2.5 and Spring Cloud 2020, and fully following Alibaba coding standards. Ltd. SpringBlade exists SQL injection vulnerability, attackers can use the...

SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co. Ltd (CNVD-2024-22455)

UFIDA NC is a large erp enterprise management system and e-commerce platform. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in Data Leakage Protection (DLP) System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-22743)

Beijing Yisetong Technology Development Co., Ltd. is a domestic data security, network security and security services provider of three major business. A SQL injection vulnerability exists in the Data Leakage Protection DLP system of Beijing Yisetong, which can be exploited by attackers to obtain...

PT-2024-23284 · Unknown · Contest Gallery

Name of the Vulnerable Software and Affected Versions: Contest Gallery versions prior to 21.3.2 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential unauthorized access or...

SQL Injection Vulnerability in Damon Qizhi Big Data Visualization System of Wuhan Damon Database Co.

Founded in 2000, Wuhan Damon Database Co., Ltd. is a leading database product development service provider in China. A SQL injection vulnerability exists in Wuhan Damon Database Co., Ltd's Damon Qizhi Big Data Visualization System, which can be exploited by attackers to obtain sensitive database...

Customer Support System SQL Injection Vulnerability (CNVD-2024-14030)

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a SQL injection vulnerability that originates from...

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13467)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by the lack of validation of the itemname parameter of the billAjax.php file against external SQL input, and can be...

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13480)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by the lack of validation of the parameter itemype in the stockentrysubmit.php file for externally entered SQL...

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13469)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in version 1.0 of the Kashipara Food Management System, which stems from a lack of validation of externally entered SQL statements in the parameter id of the itemlistedit.php file,...

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13479)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which originates from the lack of validation of the rawstockuseddamagingsubmit.php parameter productname against externally-entered SQ...

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13471)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by the lack of validation of the typename parameter of the itemtypesubmit.php file against externally-entered SQL...

Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13470)

Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by a lack of validation of the itemname parameter of the itemlistsubmit.php file against externally-entered SQL...

Apache StreamPark SQL Injection Vulnerability (CNVD-2024-0217486)

Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. Apache StreamPark suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit...

PT-2023-31571

Name of the Vulnerable Software and Affected Versions DRDrive versions prior to 20231006 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations For version...

SQL Injection Vulnerability in PLM of Jishikai Industrial Software Co.

Jishikai Industrial Software Ltd. is an enterprise mainly engaged in software and information technology service industry. A SQL injection vulnerability exists in PLM of Jishikai Industrial Software Limited, which can be exploited by attackers to obtain sensitive information from the database...

Visitor Management System SQL Injection Vulnerability

Visitor Management System is a visitor management system. A SQL injection vulnerability exists in Visitor Management System v1.0, which originates from the parameter id of manageuser.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to...

CVE-2023-23563

An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to obtain sensitive database content via SQL Injection...

CVE-2023-23563

An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to obtain sensitive database content via SQL Injection...