EUVD-2009-2384

Malware in sbrugna...

Web-Based Student Clearance System SQL Injection Vulnerability

Web-Based Student Clearance System is a web-based student clearance system by the individual developer Ndueso Okorie. A SQL injection vulnerability exists in Web-Based Student Clearance System version 1.0, which stems from an incorrect manipulation of the parameter txtpassword that can lead to sq...

PT-2024-18429 · Sourcecodester · Sourcecodester Web-Based Student Clearance System

Name of the Vulnerable Software and Affected Versions: SourceCodester Web-Based Student Clearance System version 1.0 Description: A critical issue was found in the system, affecting an unknown functionality of the file /Admin/login.php. The manipulation of the txtpassword argument leads to SQL...

Covid-19 Directory On Vaccination System SQL注入漏洞

The Covid-19 Directory On Vaccination System is a COVID-19 information management system by an individual developer in Ndueso Okorie, Nigeria. The system will accurately store and retrieve information about COVID-19 vaccinations to control the spread of a pandemic. A SQL injection vulnerability...

CVE-2021-37599

The exporter/Login.aspx login form in the Exporter in Nuance Winscribe Dictation 4.1.0.99 is vulnerable to SQL injection that allows a remote, unauthenticated attacker to read the database and execute code in some situations via the txtPassword parameter...

CVE-2011-2155

Login.aspx in the SmarterTools SmarterStats 6.0 web server generates a ctl00$MPH$txtPassword password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation...

Sql injection

Multiple SQL injection vulnerabilities in login.php in EZ Webitor allow remote attackers to execute arbitrary SQL commands via the 1 txtUserId Username and 2 txtPassword Password parameters. NOTE: some of these details are obtained from third party information...

Sql injection

Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the 1 txtUsername parameter aka Username and 2 txtPassword parameter aka Password in a form generated by home.asp. NOTE: due to lack of details, it is not...

CVE-2009-2388

CVE-2009-2388 describes an SQL injection in Opial 1.0: admin/index.php, vulnerable via the txtPassword parameter, enabling remote execution of arbitrary SQL commands. The root cause is unsanitized input in this parameter. Practical impact stated is remote command execution with partial confidenti...

Sql injection

Multiple SQL injection vulnerabilities in customerlogincheck.asp in ClickTech ClickCart 6.0 allow remote attackers to execute arbitrary SQL commands via 1 the txtEmail parameter aka E-MAIL field or 2 the txtPassword parameter aka password field to customerlogin.asp. NOTE: some of these details ar...

Sql injection

SQL injection vulnerability in logincheck.asp in ClickAuction allows remote attackers to execute arbitrary SQL commands via the 1 txtEmail and 2 txtPassword parameters. NOTE: some of these details are obtained from third party information...

Sql injection

SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the 1 txtusername parameter aka username field or the 2 txtpassword parameter aka password field. NOTE: some of these details are obtained from third party...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in wbadmlog.aspx in uniForum 4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 txtuser or 2 txtpassword parameters...

CVE-2005-3199

Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the 1 txtLogin and 2 txtPassword parameters...