CVE-2024-7283

A vulnerability, which was classified as critical, has been found in SourceCodester Lot Reservation Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/manageuser.php. The manipulation of the argument id leads to sql injection. The attack may be launched...

RuvarOA template_id Parameter SQL Injection Vulnerability

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of the templateid parameter of the /WorkFlow/wfgetfieldsapprove.aspx file against externally entered SQL statements. An attacker ca...

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

CVE-2019-9053 Exploit Python 3 This repository contains an e...

PT-2023-21272 · Prestashop · Tshirtecommerce

Name of the Vulnerable Software and Affected Versions: tshirtecommerce aka Custom Product Designer component version 2.1.4 for PrestaShop Description: An issue was discovered in the tshirtecommerce component, where an HTTP request can be forged with a compromised product id GET parameter to explo...

CVE-2007-10002 web-cyradm auth.inc.php sql injection

A vulnerability, which was classified as critical, has been found in web-cyradm. Affected by this issue is some unknown functionality of the file auth.inc.php. The manipulation of the argument login/loginpassword/LANG leads to sql injection. The attack may be launched remotely. The name of the...

Buddybadges <= 1.0.0 - Admin+ SQLi

The plugin does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users https://example.com/wp-admin/options-general.php?page=buddybadge&wpedit=b2f9b59706&edit=1+AND+SELECT+7741+FROM+SELECTSLEEP10hlAf...

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

CMS-Made-Simple-2.2.10---SQL-Injection-Exploit-com-corre-o-de-...

Simplephpscripts Simple CMS 2.1 - &#039;Multiple&#039; SQL Injection

Exploit Title: Simplephpscripts Simple CMS 2.1 - 'Multiple' SQL Injection Date: 2021-10-19 Exploit Author: Vulnerability Lab Vendor Homepage: https://simplephpscripts.com/simple-cms-php Version: 2.1 Tested on: Linux Document Title: =============== Simplephpscripts Simple CMS v2.1 - SQL Injection...

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

CVE-2019-9053 💻 -h3x0v3rl0...

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

CVE-2019-9053 💻 -h3x0v3rl0...

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

CVE-2019-9053 💻 -h3x0v3rl0...

RSVPMaker < 7.8.2 - Unauthenticated SQL Injection

The plugin does not sanitise user input before using it in a SQL statement in the signedupajax AJAX action. Note: Even though the reported SQL Injection was fixed in v7.8.2, other additional sanitisation was implemented in v7.8.3 to 7.8.6. sqlmap -u "https://localhost/?action=signedup&eventcount=...

youke365 V1.0.7 SQL注入2

...

Joomla! File Download Tracker 3.0 SQL Injection

Exploit Title: Joomla! Component File Download Tracker 3.0 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://techsolsystem.com/ Software Link: https://extensions.joomla.org/extensions/extension/directory-a-documentation/downloads/file-download-tracker/ Version: 3.0 Category:...

Joomla! Component DT Register 3.2.7 - &#039;id&#039; SQL Injection

Exploit Title: Joomla! Component DT Register 3.2.7 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://www.dthdevelopment.com/ Software Link: https://extensions.joomla.org/extensions/extension/calendars-a-events/events/dt-register/ Version: 3.2.7 Category: Webapps Tested on:...

Laundry Booking Script 1.0 - list?city SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Laundry Booking Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/laundry-booking-script/ Version: 1.0 Category: Webapps...

OURPHP留言板SQL注入漏洞

No description provided by source...

PHP Classifieds Script 5.6.2 - SQL Injection

PHP Classifieds Script 5.6.2 - SQL Injection Exploit Title: PHP Classifieds Script 5.6.2 SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: https://scriptoffice.com/ Software Link: https://soft.scriptoffice.com/projects/classifiedscript/wiki/MainMenu Demo: http://www.classifieddemo.com/...

zzcms latest version /admin/linkmanage.php sql injection

No description provided by source...

ImagePro Lazygirls Clone Script - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: ImagePro Lazygirls Clone Script - SQL Injection Google Dork: N/A Date: 05.04.2017 Vendor Homepage: http://bimedia.info/ Software: http://bimedia.info/8-2/ Demo: http://imagepro.clonedemo.com/ Version: N/A Tested on: Win7 x64, Ka...