Fast Food Ordering System SQL Injection Vulnerability (CNVD-2022-48949)

Fast Food Ordering System is a fast food ordering system from Carlo Montero's personal developer. version 1.0 of Fast Food Ordering System is vulnerable to SQL injection, which originates from /ffos/admin/sales/receipt.php?id=page missing validation of external input SQL statements, which can be...

Sourcecodester Hospital Patient Records Management System SQL注入漏洞（CNVD-2022-48748）

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. Management System contains a SQL injection vulnerability that originates in...

Fast Food Ordering System SQL Injection Vulnerability (CNVD-2022-48948)

Fast Food Ordering System is a fast food ordering system from Carlo Montero's personal developer. version 1.0 of Fast Food Ordering System is vulnerable to SQL injection, which originates from /ffos/classes/Master.php?f=deletemenu The page lacks validation for external input SQL statements, which...

Directory Management System SQL Injection Vulnerability

Directory Management System is a directory management system. A SQL injection vulnerability exists in Directory Management System v1.0, which stems from a lack of validation of the fullname parameter in add-directory.php against an externally-entered SQL statement. An attacker can exploit this...

Sourcecodester Hospital Patient Records Management System SQL注入漏洞（CNVD-2022-48751）

Sourcecodester Hospital Patient Records Management System is a web-based application that provides hospitals with an automated platform to store and manage their patient records. Management System is vulnerable to a SQL injection vulnerability that originates in the...

Sourcecodester Hospital Patient Records Management System SQL注入漏洞（CNVD-2022-48752）

Sourcecodester Hospital Patient Records Management System is a web-based application that provides hospitals with an automated platform to store and manage their patient records. Management System is vulnerable to a SQL injection vulnerability that originates in the...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68960)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getgrade.php?id=The page lacks validation for external SQL statements, which could b...

Web Based Quiz System SQL注入漏洞

Web Based Quiz System is an application used for a simple online based project. Web Based Quiz System v1.0 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the eid parameter of welcome.php. An attacker could use this vulnerability to...

Advanced School Management System SQL Injection Vulnerability (CNVD-2022-68964)

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getteacherprofile.php?myindex=The page lacks validation for external input SQL...

Product Show Room Site SQL Injection Vulnerability (CNVD-2022-77048)

Product Show Room Site is a product showroom site from Carlo Montero's personal developer. version 1.0 of Product Show Room Site is vulnerable to SQL injection, which originates from the /psrs/admin/?page=products/manageproduct& id= page has SQL injection problem, attackers can use the...

Idea LMS SQL Injection Vulnerability

Idea LMS is a CMS. A SQL injection vulnerability exists in Idea LMS version 2022, which can be exploited by an attacker to execute illegal SQL commands to steal sensitive database data...

WordPress amtyThumb plugin SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress amtyThumb plugin 4.2.0 and earlier versions are vulnerable to SQL injection, which stems fr...

Elitecms SQL Injection Vulnerability (CNVD-2022-57762)

Elitecms is a web content management from elitecms India. elitecms version 1.01 has a SQL injection vulnerability, which originates from /admin/editpage.php?page= page lack of validation of external input SQL statements, an attacker can use the vulnerability to execute illegal SQL commands to ste...

Online Ordering System SQL注入漏洞

Online Ordering System is a multi-store ordering system that can be used by any small business.An SQL injection vulnerability exists in Online Ordering System version 2.3.2, which originates from /ordering/admin/user/index.php?view=edit&id=page The lack of validation of externally entered SQL...

Online Fire Reporting System SQL Injection Vulnerability (CNVD-2022-55745)

Online Fire Reporting System is an online fire reporting system from Carlo Montero's personal developer. version v1.0 of Online Fire Reporting System is vulnerable to SQL injection, which originates from /ofrs/classes/Master.php?f= deleteinquiry lacks validation for external input SQL statements,...

ACEware Systems ACEweb Online Portal SQL Injection Vulnerability

ACEware Systems ACEweb Online Portal is a component of the Student Manager solution from ACEware Systems, Inc. A SQL injection vulnerability exists in ACEware Systems ACEweb Online Portal version 3.5.065, which stems from The conditional parameter in showchedule.awp lacks validation for external...

Wedding Management System SQL Injection Vulnerability (CNVD-2022-54296)

Wedding Management System is a wedding planning management system by John Paul Lim Gabule. v1.0 of Wedding Management System is vulnerable to SQL injection, which originates from Wedding-Management/wedding details.php page. details.php page lacks validation of externally entered SQL statements,...

Badminton Center Management System SQL注入漏洞（CNVD-2022-44735）

Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. It provides an online and automated platform for badminton centers to manage their daily transactions and records. version v1.0 of Badminton Center Management System is vulnerable t...

Online Car Wash Booking System SQL注入漏洞（CNVD-2022-53354）

Online Car Wash Booking System is an online car wash booking system by Carlo Montero, a personal developer. online Car Wash Booking System v1.0 is vulnerable to SQL injection, which originates from /ocwbs/admin/bookings/ updatestatus.php?id=The page lacks validation for external input SQL...

Online Car Wash Booking System SQL注入漏洞（CNVD-2022-53348）

Online Car Wash Booking System is an online car wash booking system from Carlo Montero. v1.0 of Online Car Wash Booking System is vulnerable to SQL injection, which originates from /ocwbs/admin/services/ manageservice.php?id=The page lacks validation for external input SQL statements, which can b...