1341 matches found
Kashipara Food Management System SQL Injection Vulnerability
Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by a lack of validation of the id parameter of the itemeditsubmit.php file against externally entered SQL statements,...
Kashipara Food Management System SQL Injection Vulnerability
Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by the lack of validation of the partyname parameter of the partysubmit.php file against external SQL input, and can b...
Kashipara Food Management System SQL Injection Vulnerability
Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which is caused by the lack of validation of the typename parameter of the itemtypesubmit.php file against externally-entered SQL...
PT-2024-15448 · Unknown · Kashipara Food Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Food Management System version 1.0 Description: A critical vulnerability has been found in the Kashipara Food Management System. This issue affects an unknown part of the file rawstock used damaged submit.php. The manipulation of th...
CVE-2023-49666
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'custmerdetails' parameter of the submitmateriallist.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49639
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'customerdetails' parameter of the buyerinvoicesubmit.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49658
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'bankdetails' parameter of the partysubmit.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2024-13776 · Billing · Billing
Name of the Vulnerable Software and Affected Versions: Billing Software version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the bank details parameter of the "party submit.php" resource does not validate the characters received, and th...
PT-2024-13778
Name of the Vulnerable Software and Affected Versions: Billing Software version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the custmer details parameter of the "submit material list.php" resource does not validate the characters receive...
Kashipara Billing Software SQL Injection Vulnerability
Kashipara Billing Software is an application from Kashipara India. A SQL injection vulnerability exists in Kashipara Billing Software v1.0, which originates when the customerdetails parameter of the buyerinvoicesubmit.php page is processed without filtering the data and sending it to the database...
Kashipara Billing Software SQL Injection Vulnerability
Kashipara Billing Software is an application from Kashipara India. A SQL injection vulnerability exists in the v1.0 version of Kashipara Billing Software, which originates when the bankdetails parameter of the partysubmit.php page is processed without filtering the data and sending it to the...
PT-2024-13774 · Billing · Billing
Name of the Vulnerable Software and Affected Versions: Billing Software version 1.0 Description: The issue is related to multiple Unauthenticated SQL Injection vulnerabilities. The customer details parameter of the "buyer invoice submit.php" resource does not validate the characters received, and...
Kashipara Billing Software SQL Injection Vulnerability
Kashipara Billing Software is an application from Kashipara India. A SQL injection vulnerability exists in Kashipara Billing Software v1.0, which originates when the id parameter of the partylisteditsubmit.php page is processed without filtering the data and sending it to the database for...
Kashipara Billing Software SQL Injection Vulnerability
Kashipara Billing Software is an application from Kashipara India. A SQL injection vulnerability exists in Kashipara Billing Software v1.0, which originates when the buyeraddress parameter of the buyerdetailsubmit.php page is processed without filtering the data and sending it to the database for...
PT-2024-13772 · Billing · Billing
Name of the Vulnerable Software and Affected Versions: Billing Software version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the id parameter of the "partylist edit submit.php" resource does not validate the characters received, and the...
A vulnerability in the decode_submit_report() function in the oFono mobile phone stack allows an attacker to execute arbitrary code.
The vulnerability in the decode_submit_report() function in the oFono mobile phone stack is caused by an operation performed outside the bounds of a memory buffer when sending SMS messages in PDU format. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
WP Crowdfunding < 2.1.10 - Admin+ Stored XSS
Description: The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). Affected settings: - Crowdfunding...
GHSA-94W9-97P3-P368 CSRF Token Reuse Vulnerability
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to inject arbitrary values and forge malicious requests on behalf of a user. This vulnerability can allow an attacker to inject arbitrary values without any authentication, or perform...
CSRF Token Reuse Vulnerability
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to inject arbitrary values and forge malicious requests on behalf of a user. This vulnerability can allow an attacker to inject arbitrary values without any authentication, or perform...
Security Bulletin: IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities.
Summary: IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details: CVEID: CVE-2023-32007 DESCRIPTION: Apache Spark could allow a remote authenticated attacker to execute arbitrary commands on the...