545 matches found
Postaci allows arbitrary SQL query execution
Popular webmail software Postaci ships with Debian lacks of checking for malicious SQL code in variables coming from user while deleting addressbook contacts, bookmarks and notes. This gives opportunity to malicious user to execute arbitrary SQL query. The problem affects Postaci if using...
CVE-2000-1233
SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter...
CVE-2024-33800
A SQL injection vulnerability in /model/getstudent1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter...
CVE-2024-33799
A SQL injection vulnerability in /model/getteacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33804
A SQL injection vulnerability in /model/getsubject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...